[c-nsp] ASA IPsec Tunnel Failover

Forrest, Michael E. michael.forrest at abdn.ac.uk
Tue Jul 14 07:50:35 EDT 2009


I was under the impression that there was no BGP support in the ASA platform, unless someone knows otherwise?

Michael.

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Prabhu Gurumurthy
> Sent: 14 July 2009 00:34
> To: Munoz, Jeff
> Cc: cisco-nsp at puck.nether.net
> Subject: Re: [c-nsp] ASA IPsec Tunnel Failover
>
> Answer is: BGP
>
> On Jul 13, 2009, at 1:14 PM, Munoz, Jeff wrote:
>
> > Hey guys, I have two main sites (site A and site B) and one remote
> > site (site C).  Sites A and B have a metroethernet connection
> > between them.  Remote site C has an IPsec tunnel back to site A.
> > I'd like to setup failover so in case site A's ASA is down the
> > remote site C ASA sends the interesting traffic down the site B
> > IPsec tunnel.  Unfortunately, it will always match the tunnel to
> > site A since the phase 2 access lists have the same source/
> > destinations.  Any ideas on how I can do this?
> >
> > Thanks!
> >
> > Jeff
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/


The University of Aberdeen is a charity registered in Scotland, No SC013683.


More information about the cisco-nsp mailing list