Hub with Redundancy connected to Spokes with Overlapping IP Addresses
I was just wondering what would be the best possible solution to configure a Hub/Spoke network topology using CISCO ASAs when the spoke networks have overlapping IP addresses attached to a Dual Hub design for redundancy. 2nd Hub will be located at a Disaster Recovery site.
Currently the set up has been configured with XLATED IP on both Hub/Spoke addresses to fix the overlapping IP address issue. 2 concurrent VPN tunnels (2 Hubs > Spoke) connected to achieve some sort of redundancy. This configuration works but I don't think it is very optimised.
Although we have no issue running 2 concurrent tunnels, it would be more efficient to only have 1 active tunnel and 1 as standby when the active goes down. Which also brings me to my next question, how would we automate it so that we can return traffic to the first hub when it comes back online?
Additionally, another issue is that we would like to send back SMTP emails from a device on the spoke, where only 1 email receiver/sender input is possible. What would be the best way to segregate traffic between the two Hubs to reestablish a VPN connection and send SMTP email to the either Hubs where only 1 input address is possible?
Join us for a detailed discussion of the integrations between Cisco Secure Email and SecureX. We’ll share the various ways that SecureX provides greater visibility across the Cisco Security landscape and demonstrate how Secure Email is the ...
ISE 2.7 FCS
To display default country code and Place holder customization please follow the below steps.
Upload the attached js file in Custom Portal Files.
Go to portal and add the below script in the Registration Form pag...
Part 1: The Basics
Hard-copy printing may feel very “old school” now, but a recent flurry of activity related to the print spooler service on Windows operating systems has brought one of the oldest IT applications back into the spotlight again. Our...
Python on Cisco Secure Email
The Python package used in our appliances is not a standard deployment --- just like AsyncOS is not your typical FreeBSD (a free and open-source Unix-like operating system descended from the Berkeley Software Distributio...
Wireless Controller WLC integration with Cisco ISE for access control through 802.1X is one of the most popular deployment in the network security field. Now is the employee PC safe after the authentication and authorization?even after the posture o...