Solved

CISCO ASA Active Active - VPN config

Posted on 2014-02-16
1
1,110 Views
Last Modified: 2014-05-09
Dear Team,

As per CISCO:

"When the security appliance is configured for Active/Active stateful failover, you cannot enable IPsec or SSL VPN. Therefore, these features are unavailable. VPN failover is available for Active/Standby failover configurations only."



Could some one assist me why it will not support on A-A failover???

Regards,
LAJAN JALEEL
0
Comment
Question by:Lajan Jaleel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 15

Accepted Solution

by:
Robert Sutton Jr earned 500 total points
ID: 39868886
What version IOS are you running?

With Active/Active you are running in Multiple Context mode or basically "Virtual" firewalls. If you are running IOS 9.0 or later you can ONLY use IpSec L2L VPN.  Any other form of clientless or client vpn is NOT supported at this time.

You can however run a pair in a normal Active/Standby mose (Which is not Multiple context mode) and run any VPN the device supports.

Hope this helps.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
DHCP default-router command 1 31
ASA 5505 packet drops 14 70
Setting up a trunk port on a Cisco switch? 20 88
C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(55)SE5 3 37
When I upgraded my ASA 8.2 to 8.3, I realized that my nonat statement was failing!   The log showed the following error:     %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows It was caused by the config upgrade, because t…
Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question