• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1342
  • Last Modified:

IPSEC VPN with SLA redundancy on ASA

re: http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_23816621.html#discussion
In the firewall configuration there are two crypto maps for each outside interface. Is that necessary or can you apply the same map to both the primary and secondary interfaces?
Thank you.
  • 2
2 Solutions
No that is not necessary. You can apply one cyrpto map to multiple interfaces
In the example that you point out it uses 2 different crypto maps because they point to 2 different peers. If you are attempting the same thing as in the article then you will need 2 different crypto maps because it is making 2 separate tunnels to two different peers.


cavacamiteAuthor Commented:
Thank you both very much. I didn't realize the third octet was different in the peer addresses.
cavacamiteAuthor Commented:
I'm attempting something similar ---- there's only one remote peer, but two outside interfaces for dynamic failover.
Thank you again.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now