Hello Friends,
I have 2 Cisco ASA5515 firewalls at head office, i have 2 ISP connections as well. and at my retail locations i have cisco C891 routers. my goal is to connect the both RETAIL location and HEAD OFFICE with each other over IPSec L2L VPN with load balancing and Fail over. Basically i want High Availability.
Attached is the network diagram. can someone send me the Example of CLI configuration for the same. i have attached the network diagram.
Retail locations:
Each location would be connected to Head Office with 2 tunnels, 1 is primary and 2nd is back up.
Head Office:
1st ASA 5515 is connected to 1st ISP
2nd ASA 5515 is connected to 2nd ISP
Each ASA 5515 will handle 60 tunnels, as i have 120 remote locations.
1st ASA 5515: first 60 + Backup for remaining 60 tunnels
2nd ASA 5515: Remaining 60 + backup for first 60 tunnels
So both will handle 120 tunnels. each would be primary for 60 and backup for remaining 60. if 1 goes down, 2nd will handle the entire 120 tunnels.
and at Head Office i have 20 users as well, and i want PAT load balancing with fail over for internal users.
Thanks,
Sandy