06-04-2012 09:39 AM
Hi,
If i connect two asa in cluster configurations for enabling load balancing for remote access vpn and if suppose the first asa in the cluster fails.
What happens to the user who might be connected to the first cluster at that time. Will he be disconnected and then re-connect again using the second active device in cluster or will he still remain connected even though the main device fails.
The set up is users connecting to a switch , on which both the asa's are also connected.
Thanks in advance.
Solved! Go to Solution.
06-05-2012 12:23 AM
You would need to configure both VPN load balancing as well as ASA failover.
Once both is configured, if one ASA fails, it will automatically be taken by the standby ASA, and VPN tunnel will continue, ie: user does not have to reconnect.
Here is the doc for your reference:
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/vpnsysop.html#wp1058240
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/ha_overview.html#wp1078941
Hope that answers your question.
06-05-2012 12:23 AM
You would need to configure both VPN load balancing as well as ASA failover.
Once both is configured, if one ASA fails, it will automatically be taken by the standby ASA, and VPN tunnel will continue, ie: user does not have to reconnect.
Here is the doc for your reference:
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/vpnsysop.html#wp1058240
http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/ha_overview.html#wp1078941
Hope that answers your question.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide