IPSEC VPN with SLA redundancy on ASA

re: http://www.experts-exchange.com/Hardware/Networking_Hardware/Firewalls/Q_23816621.html#discussion
In the firewall configuration there are two crypto maps for each outside interface. Is that necessary or can you apply the same map to both the primary and secondary interfaces?
Thank you.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

No that is not necessary. You can apply one cyrpto map to multiple interfaces

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
In the example that you point out it uses 2 different crypto maps because they point to 2 different peers. If you are attempting the same thing as in the article then you will need 2 different crypto maps because it is making 2 separate tunnels to two different peers.


cavacamiteAuthor Commented:
Thank you both very much. I didn't realize the third octet was different in the peer addresses.
cavacamiteAuthor Commented:
I'm attempting something similar ---- there's only one remote peer, but two outside interfaces for dynamic failover.
Thank you again.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.