Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
597
Views
0
Helpful
1
Replies

Two separate L2L tunnels between same two ASA

gkeel
Level 1
Level 1

‎12-15-2011 02:42 PM

I have a large MPLS fully meshed network with two main locations, both of which have an ASA with internet access as well as the MPLS access.  I need to be able to provide a backup connection between the two main locations in the event one of the MPLS links to one or the other goes down.

I am considering using a L2L IPSEC tunnel between the two ASA's but the interesting traffic for the tunnel is different depending on which of the links is down and there fore I would need two different tunnels.  I have my servers and remote desktop servers at one of the main sites and the other main site has another organization attached to it externally that the servers must be able to access.

Is there a way of creating two separate L2L tunnels between the two ASA's?  Could I perhaps assign two public IP addresses to each of the ASA's and then create the tunnels between different endpoints on each ASA?

Does anyone have another possible solution to the problem? 

Gene

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-15-2011 07:14 PM

You should be able to do what you want using IP SLA. Please see this excellent blog post which documents one way to accomplish it.

Hope this helps.

0 Helpful
Customers Also Viewed These Support Documents