Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
731
Views
0
Helpful
3
Replies

Multiple Tunnels terminating on a ASA 5520

Naveen Gupta
Level 1
Level 1

‎09-28-2011 07:17 AM

We have 2 Cisco ASA 5520 configured as Active/Standby with public IPs 68.171.xxx.xx6 and 68.171.xxx.xx7 respectively.

We have 3 different vendors who are trying to access our Data Center. Do I have to have 3 different public IPs for these 3 different vendors? Or, just share the public IPs assigned to our 'Outside' interface? Appreciate any help on this.

Thanks!

Labels:
0 Helpful
3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

‎09-28-2011 09:25 PM

Naveen

You do not need a separate outside IP for each vendor. All three vendors can use the same outside interface address for their tunnel.

HTH

Rick

Sent from Cisco Technical Support iPhone App

HTH

Rick
0 Helpful

Naveen Gupta
Level 1
Level 1
In response to Richard Burts

‎09-29-2011 05:07 AM

Thanks Rick. I think I understand this part. But, which outside IP address do I need to use for the tunnel. There are 2 ASA's configured as Active/Standby. Would giving just the outside IP of the Active ASA will be sufficient. How will the tunnel work if Active ASA goes down.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Naveen Gupta

‎09-29-2011 05:06 PM

Yes. Just use the outside address of the active ASA. In the event of a failover the backup actually takes over the address from the primary.

HTH

Rick

Sent from Rick Burts mobile.

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents