Re: Vpn url query

Vishal6 · ‎06-26-2024

Can we configure Cisco AnyConnect VPN with backup VPN URL. Also suggest, can we use same Tunnel Group that we used for primary VPN URL (i.e. Tunnel Group : DUO-SSO)

Rob Ingram · ‎06-26-2024

@Vishal6 yes you can configure a backup URL, as per your other post https://community.cisco.com/t5/vpn/2-ips-on-same-vpn-url/td-p/5133818

Your backup URL would use the tunnel-group of another ASA/FTD with the same configuration as the primary URL, so configured for DUO-SSO.

Vishal6 · ‎06-26-2024

In my other post I have ask to map two public ip address on same url, Now we have created another backup url on different public ip address. So can I do what I have ask in my previous post ?

Rob Ingram · ‎06-26-2024

@Vishal6 use a load balancer, which would distribute connections to the different outside IP address.

Vishal6 · ‎06-26-2024

I need for redundancy, incase primary url goes down secondary will work.

Rob Ingram · ‎06-26-2024

@Vishal6 yes, the purpose of the backup url is to provide redundancy in case the primary is unavailable.

Vishal6 · ‎06-26-2024

Do I need load balancer here ?. Also i need to configure another Tunnel Group that we used for secondary VPN URL taking the reference of primary tunnel (i.e. Tunnel Group : DUO-SSO) ?

MHM Cisco World · ‎06-26-2024

FYI

Backup use when you have two WAN in one FW

Load balance use when you have two FW HA each have one WAN' no need load balancer.

MHM