IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.
1 post • Page 1 of 1
Hi all, Ive been looking through the group and see a lot of questions about load-balancing outbound traffic on two internet links. My question is a bit different and I can seem to find an answer online. Ive got an ASA 5550 with 2 internet links,A and B. Currently, the ASA is doing NAT for the office network over the A connection and receiving incoming VPN client connections on that same A connection. This is all fine. But what I would also like to have, is the ASA accepting VPN client connections on the B link. I can seem to get this working. Anyone got an idea where to look? Thanks!
No, this is not something that is supported. VPN Client connecting to both 2 ISP links requires 2 default gateways which are active at the same time. ASA does not support this setup. It does not support 2 default gateways active at the same time. It only supports 2 ISP links when one is configured as a backup when the primary ISP link went down. You can however configure the second ISP for site-to-site VPN and the first ISP for vpn client and normal outbound internet access. Because with site-to-site vpn, you know the static ip address of the peer, so you can create static route to the peer pointing towards the second ISP link. Hope that makes sense.