02-24-2023 05:41 AM
Hello Folks,
We have got a new requirement from the client to configure IPsec S-2-S VPN with their 2 remote sites. This means at our end VPN is built on ASA 5545-X(managed by FMC) and the remote end is 2 client sites.
The encryption domains are the same at the client end and they have requested to configure this as Primary and Secondary VPNs.
Need your suggestions on how to achieve this since I don't see any option on FTD to configure primary/secondary VPNs.
Solved! Go to Solution.
02-24-2023 07:07 AM
Hi Guys, please ignore this as we got to know how to achieve this. There is an option to add a backup peer IP. I didn't notice initially. Anyways, thanks for your response.
02-24-2023 06:31 AM - edited 02-24-2023 06:31 AM
use hub and spoke if you have two remote site
02-24-2023 06:38 AM
Thanks, @MHM Cisco World . I did look at the HUB and Spoke option but I am not sure if it will work as Primary and secondary meaning, both VPNs will use the same encryption domain but the VPN with one of the client sites is active and the VPN with another site will act as a fallback and will be active once the primary site goes down.
Can you please advise it this is possible by any chance?
02-24-2023 06:48 AM
02-24-2023 06:57 AM
Thanks, but this will not work because we are connected to a single ISP.
02-24-2023 07:07 AM
Hi Guys, please ignore this as we got to know how to achieve this. There is an option to add a backup peer IP. I didn't notice initially. Anyways, thanks for your response.
02-24-2023 07:11 AM
glad your issue is solve.
have a nice day
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide