11-04-2011 01:24 PM
ASA5505 with 2 ISP's. Want General Internet on default ISP (outside). Want site to site VPN's on 2nd ISP. Base license, so I'm using a "no forward". I think i am close but I can't get my test VPN to negotiate - don't see any attempts even when I am pinging to generate interesting traffic from either side. The failover for "surfing" from ISP1 to ISP2 is working fine. Config attached. Thanks in advance.
Solved! Go to Solution.
11-05-2011 05:40 AM
You would also need the following route:
route VPN 10.10.1.0 255.255.255.0 yy.yy.yy.1 1
route VPN 10.13.1.0 255.255.255.0 yy.yy.yy.1 1
route VPN 10.14.1.0 255.255.255.0 yy.yy.yy.1 1
route VPN 10.15.1.0 255.255.255.0 yy.yy.yy.1 1
11-05-2011 05:40 AM
You would also need the following route:
route VPN 10.10.1.0 255.255.255.0 yy.yy.yy.1 1
route VPN 10.13.1.0 255.255.255.0 yy.yy.yy.1 1
route VPN 10.14.1.0 255.255.255.0 yy.yy.yy.1 1
route VPN 10.15.1.0 255.255.255.0 yy.yy.yy.1 1
11-08-2011 05:36 PM
Duh, feelin' silly.
Thanks, that was it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide