CISCO ASA Active Active - VPN config

Dear Team,

As per CISCO:

"When the security appliance is configured for Active/Active stateful failover, you cannot enable IPsec or SSL VPN. Therefore, these features are unavailable. VPN failover is available for Active/Standby failover configurations only."



Could some one assist me why it will not support on A-A failover???

Regards,
LAJAN JALEEL
LVL 1
Lajan JaleelAsked:
Who is Participating?
 
Robert Sutton JrSenior Network ManagerCommented:
What version IOS are you running?

With Active/Active you are running in Multiple Context mode or basically "Virtual" firewalls. If you are running IOS 9.0 or later you can ONLY use IpSec L2L VPN.  Any other form of clientless or client vpn is NOT supported at this time.

You can however run a pair in a normal Active/Standby mose (Which is not Multiple context mode) and run any VPN the device supports.

Hope this helps.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.