01-21-2012 10:04 PM
Dears,
i need help configuring Site to Site VPN from cisco ASA to IOS router, the Router has 2 WAN links, one primary and second backup.
there was only one link week ago, now we have installed second link as backup, we are using OSPF as routing protocol.
VPN with single link was working fine, now when the primary link fails the network is down.
Waiting for reply.
Solved! Go to Solution.
01-22-2012 09:47 AM
This is an easy solution. On the router, you need terminate the VPN on the loopback interface.
something like this:
interface lo0
ip address x.x.x.x x.x.x.x
crypto map local-address lo0
interface wan_1
crypto map vpn
interface wan_2
crypto map vpn
One requirement is that the loopback interface must reachable by the ASA device.
01-22-2012 09:47 AM
This is an easy solution. On the router, you need terminate the VPN on the loopback interface.
something like this:
interface lo0
ip address x.x.x.x x.x.x.x
crypto map local-address lo0
interface wan_1
crypto map vpn
interface wan_2
crypto map vpn
One requirement is that the loopback interface must reachable by the ASA device.
01-22-2012 08:27 PM
thanks david,
i forgot to mention, yes this metho i have tried and it works but the only thing i cannot figure it out is the router inside interface.
Fa0/0
ip 172.17.17.10
fa0/1
ip 10.100.1.20
Ser0/0
Ip 192.168.100.3
this Fa0/0 is inside interface and the whole subnet /24 we want to make it interesting traffic, this interface we also use for snmp tools and monitoring and accessing device.
but this interface we cannot access, the VPN acting veired, some times we can ping and some time we cannot.
anny suggestions ???
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide