Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
808
Views
0
Helpful
1
Replies

cisco 1811 to cisco ASA 5510 dual wan vpn

ciscopriyan
Level 1
Level 1

‎11-10-2011 02:19 PM

hi all

i have two branch offices A & B both connected by a vpn. i am planning to add another isp on both the locations and have it just for the vpn. i.e have the second isp do just vpn and all other traffic go through the older ISP.. what are my options ? am not planning to add any extra hardware and also am not planning on acheiving any fail-over or load-balancing because i know ASA 5510 does not do load-balancing.

A- cisco 1811

B -Cisco ASA 5510 

Labels:
0 Helpful
1 Reply 1

tarekaljallad
Level 1
Level 1

‎11-13-2011 07:36 AM

After plugging in the new lines into each device, and setting up their IPs, create a static route to the new IP of the other device and use the gateway of the new line for that route. repeat in the opposite direction then setup the tunnel using the new IPs.

You do not create a default route using the new ip, only a route to the other vpn line.

example:

1811 existing IP 1.1.1.1

1811 second (new) IP 2.2.2.2 - gateway 2.2.2.1

ASA existing IP 3.3.3.3

ASA new IP 4.4.4.4 - gateway 4.4.4.1 - nameif outside2

On 1811:

ip route 4.4.4.4 255.255.255.255 2.2.2.1

On ASA:

route outside2 2.2.2.2 255.255.255.255 4.4.4.1

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents