05-22-2009 07:16 AM
Hi Everyone,
I'm working out a concept here and want to know if this can be done. On an ASA I would like to have 2 different interfaces connect to 2 different ISP's - one primary, one backup. As well I will be running VPN tunnels across the links.
What I want to know is if I have a tunnel established over ISP A to our remote site, and it fails, is there a way to have the state information and tunnel moved over to ISP B, on the same ASA device?
Thanks!
05-22-2009 09:26 AM
05-22-2009 09:36 AM
Thanks MS,
Unfortunately I have the need of being able to send the state information over to the other port as well - if possible.
I know there is "juni***" gear that can do this, but I'm not sure if the ASA's can or cannont - currently we're running ASA's.
My goal is to not only have a backup link for the sites, but aslo the VPN tunnel moved over automatically as well - as the reestablishment of these sessions cause great issues with the customers...
Thanks!
05-22-2009 02:29 PM
This would actually require some functionality that I don't believe is in the client either. The client has to know to tunnel to a different IP address to meet this need. Correct? There is an option for backup servers, but I don't think that is stateful.
05-23-2009 11:08 AM
Hi Paul,
That is correct. The client needs to tunnel through a different ISP which would mean that there is a different ISP in use. I'm not sure if it's possible, but thought I would see if anyone has come across this before...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide