cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
608
Views
0
Helpful
1
Replies

user session in remote access vpn

suthomas1
Level 6
Level 6

Hi,

If i connect two asa in cluster configurations for enabling load balancing for remote access vpn and if suppose the first asa in the cluster fails.

What happens to the user who might be connected to the first cluster at that time. Will he be disconnected and then re-connect again using the second active device in cluster or will he still remain connected even though the main device fails.

The set up is users connecting to a switch , on which both the asa's are also connected.

Thanks in advance.

1 Accepted Solution

Accepted Solutions

Jennifer Halim
Cisco Employee
Cisco Employee

You would need to configure both VPN load balancing as well as ASA failover.

Once both is configured, if one ASA fails, it  will automatically be taken by the standby ASA, and VPN tunnel will continue, ie: user does not have to reconnect.

Here is the doc for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/vpnsysop.html#wp1058240

http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/ha_overview.html#wp1078941

Hope that answers your question.

View solution in original post

1 Reply 1

Jennifer Halim
Cisco Employee
Cisco Employee

You would need to configure both VPN load balancing as well as ASA failover.

Once both is configured, if one ASA fails, it  will automatically be taken by the standby ASA, and VPN tunnel will continue, ie: user does not have to reconnect.

Here is the doc for your reference:

http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/vpnsysop.html#wp1058240

http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/ha_overview.html#wp1078941

Hope that answers your question.