• Advertisement

VPN and web on two links

IPsec, L2TP, Split tunneling, PPTP and all other VPN related posts.

VPN and web on two links

Postby Guest » Thu Jul 29, 2010 7:20 pm

Hi all,

Ive been looking through the group and see a lot of questions about
load-balancing outbound traffic on two internet links. My question is
a bit different and I can seem to find an answer online.

Ive got an ASA 5550 with 2 internet links,A and B.
Currently, the ASA is doing NAT for the office network over the A
connection and receiving incoming VPN client connections on that same
A connection. This is all fine. But what I would also like to
have, is the ASA accepting VPN client connections on the B link. I
can seem to get this working.

Anyone got an idea where to look?

Thanks!

Guest
 

Advertisement

Re:VPN and web on two links

Postby Guest » Thu Jul 29, 2010 8:02 pm

No, this is not something that is supported. VPN Client connecting to both 2 ISP links requires 2 default gateways which are active at the same time. ASA does not support this setup. It does not support 2 default gateways active at the same time. It only supports 2 ISP links when one is configured as a backup when the primary ISP link went down.

 

You can however configure the second ISP for site-to-site VPN and the first ISP for vpn client and normal outbound internet access. Because with site-to-site vpn, you know the static ip address of the peer, so you can create static route to the peer pointing towards the second ISP link.

 

Hope that makes sense.

Guest
 

Re:VPN and web on two links

Postby Guest » Thu Jul 29, 2010 9:32 pm

Hi Jennifer.

 

Thanks for the quick answer. It help a lot, although made me sad...

 

I thought route maps could be a solution....

Guest
 

Re:VPN and web on two links

Postby Guest » Thu Jul 29, 2010 9:53 pm

No, unfortunately route-map in ASA can be used for that.

Pls kindly mark the post as answered so others can also learn from your post. Thank you.

Guest
 

Re:VPN and web on two links

Postby Guest » Thu Jul 29, 2010 11:10 pm

Hi Jennifer,

 

what if I have two ASA working as active-active failover. Can I use navigation on link A and VPN on link B, both links on different appliances?

Guest
 



  • Advertisement


Similar topics


Return to Virtual Private Networks

Who is online

Users browsing this forum: No registered users and 2 guests