Answer the question
In order to leave comments, you need to log in
L
L
lohmag2014-05-06 15:01:55
lohmag, 2014-05-06 15:01:55
Cisco ASA VPN Redundancy
Tell me how you can implement a similar scheme with redundancy on ASAs. It is 
necessary that the ASA2 - ASA4 tunnel be redundant and switch only when the first one falls.
The problems that have arisen that I cannot get around are this Reverse route injection, which throws a route even when the tunnel is down, otherwise the traffic of interest on the ace will not appear and the tunnel will not rise.
Those. when creating two tunnels on the router, two routes to the remote subnet immediately appear, but with different metrics, even if the tunnel does not work, it still hangs in the routing table.
It would be possible to make by means of GRE+ipsec if the expert supported it.
In general, how else can such a scheme be implemented.
2 answer(s)
@ragent
@zxc80
R
Rinat Garipov, 2014-05-07 @ragent
Colleague, what prevents you from implementing switching from channel to channel at the router1 - router2 level?
Correctly noted that if there are two routes, everything is decided at the level of metrics. The disappearance of the second route can be done using tracking (ip sla).
P
Pavel Vasterov, 2014-05-08 @zxc80
Either as @ragent said + EIGRP (depending on the situation) or BGP. A flickering link won't win at all :-(
Similar questions
Z
Z
L
T
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question