03-15-2011 12:17 AM - edited 02-21-2020 05:13 PM
Hi people.
I recently faced an issue at work. Clients want to make ipsec site-to-site vpn redundant. I have 2-asa-5520 working in a stack. Is it possible to configure site-to-site vpn in a redundant mode, like first peer ip address is x.x.x.x and secondary is y.y.y.y (backup) ?
thank you very much in advance.
Solved! Go to Solution.
03-15-2011 05:48 AM
Hi,
You can define multiple peers in the crypto map, see:
http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/c5_72.html#wp2066090
You can as well define multiple tunels and let the routing protocol choose the best route.
Hope this help,
Bastien.
03-15-2011 05:48 AM
Hi,
You can define multiple peers in the crypto map, see:
http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/c5_72.html#wp2066090
You can as well define multiple tunels and let the routing protocol choose the best route.
Hope this help,
Bastien.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide