Ping a Specific Port

Question

Alec T

Asked: 2013-02-07 11:58:48 +0800 CST2013-02-07 11:58:48 +0800 CST 2013-02-07 11:58:48 +0800 CST

Fail-over VPN with two ISPs and Cisco ASA 5500 Series

772

We have a couple of branch offices that need to connect to a main site. We plan to use Cisco ASAs 5515 to establish VPN connections. We would also like to have 2 ISPs at each location to make the connection redundant. Here is the image: enter image description here

I am a bit new to ASAs so far, so my question is "Is it possible to set up ASA 5515 to use 2 ISPs to have VPN connection with a remote site and in case of the main ISP's failure switch over to backup ISP automatically and then to return back to the main one when the link is reestablished ?"

1 Answers

Voted

GerryEgan · Answer 1 · 2013-02-10T15:17:22+08:00

Best Answer

GerryEgan

2013-02-10T15:17:22+08:002013-02-10T15:17:22+08:00

Yes it is possible, all you have to do is enable isakmp on the both outside interfaces of the redundant ISP ASA with

crypto isakmp enable <outside interface name>
crypto isakmp enable <backup interface name>

and then on the ISP C ASA change your crypto map statement to:

crypto map outside_map <crypto map no> set peer <ISP A IP> <ISP B IP>

That will allow a failover if ISP A is down. When the tunnel is renegotiated and ISP A is available the tunnel will fail back.

2

Fail-over VPN with two ISPs and Cisco ASA 5500 Series

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?