[c-nsp] IPSEC Tunnel between ASA and IOS (with redundant link)

Adam Greene maillist at webjogger.net
Thu Feb 21 03:53:23 EST 2013 

Hi DS,

 

In addition to the crypto map command you entered (which is correct), you
probably have a configuration similar to the following on the ASA:

 

tunnel-group 1.1.1.1 type ipsec-l2l

tunnel-group 1.1.1.1 general-attributes

default-group-policy lan-to-lan

tunnel-group 1.1.1.1 ipsec-attributes

pre-shared-key *****

 

You need to put in similar configurations for 2.2.2.2.

 

Thanks,

Adam

 

From: Bunny Singh [mailto:jump2fly82 at yahoo.com] 
Sent: Wednesday, February 20, 2013 9:59 AM
To: Adam Greene; cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] IPSEC Tunnel between ASA and IOS (with redundant link)

 

Dear Adam, 

 

Thanks for your reply, 

 

I have tried on ASA by entering crypto map mymap 15 set peer 1.1.1.1
2.2.2.2, but no success.

 

Can you provide me the ASA example config with the same scenaro.

 

Thanks.

DS

 

  _____  

From: Adam Greene <maillist at webjogger.net <mailto:maillist at webjogger.net> >
To: cisco-nsp at puck.nether.net <mailto:cisco-nsp at puck.nether.net>  
Sent: Wednesday, February 20, 2013 7:16 PM
Subject: Re: [c-nsp] IPSEC Tunnel between ASA and IOS (with redundant link)


DS,

On the ASA it's pretty much as simple as adding a secondary peer in the
crypto map, and duplicating the tunnel-group configurations for the second
peer.

On the 2811, the establishment of the secondary tunnel will depend on the
existence of a route in the routing table over the secondary link. 

Thanks,
Adam

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
<mailto:cisco-nsp-bounces at puck.nether.net> 
[mailto:cisco-nsp-bounces at puck.nether.net
<mailto:cisco-nsp-bounces at puck.nether.net> ] On Behalf Of Bunny Singh
Sent: Wednesday, February 20, 2013 1:58 AM
To: cisco-nsp at puck.nether.net <mailto:cisco-nsp at puck.nether.net> 
Subject: [c-nsp] IPSEC Tunnel between ASA and IOS (with redundant link)

HI, 

i have a cisco asa 5520 at site A and cisco 2811 at site B with two P2P
links (Redundant) Link, Now i want to know the configuration to built a
redundant ipsec tunnel. I have read couple of article, but didn't got the
success.

Ospf routing is running between these devices.


Regards
DS
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
<mailto:cisco-nsp at puck.nether.net> 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/


_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
<mailto:cisco-nsp at puck.nether.net> 
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list