Solved

Cisco ASA multiple local peer IP addreses for L2L VPN

Posted on 2014-03-17
1
1,840 Views
Last Modified: 2014-11-12
I am trying to create VPN tunnels between my ASA and the AWS environment.

I already have one tunnel up and running successfully but I now need a second tunnel from  a second AWS environment to the same ASA on my side.

This seems to be a big no-no within AWS.

I can't have more then one tunnel from AWS to the same remote peer IP address.

I therefore need to setup a second peer IP address on my ASA in order to get the second AWS tunnel up and running. My ASA is currently using the IP address of the Outside interface as the peer address.

Am I able to configure my ASA with more then one public IP address to use for VPN peer connectivity and, if so, how do I go about implementing that ?

TIA
0
Comment
Question by:ccfcfc
1 Comment
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
ID: 39934499
The tunnel configuration only defines the other endpoint; your local endpoint will always be the interface with the route to the far end.

You can accomplish what you're trying to do on the ASA only if you have multiple gateways/ISPs.  In that case, you could configure your routing so that one tunnel goes over one ISP (with that interface's source address), and another tunnel over the other ISP (with that interface's source address).




To accomplish this using just one ISP, you will need multiple VPN routers; fortunately, they need not be very powerful, depending on the volume of traffic.  Chances are, an 800-series router would be perfectly able to handle the traffic, and you just have to publish UDP 500 and UDP 4500 through your ASA.
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

AWS Glacier is Amazons cheapest storage option and is their answer to a ‘Cold’ storage service.  Customers primarily use this service for archival purposes and storage of infrastructure backups.  Its unlimited storage potential and low storage cost …
Microservice architecture adoption brings many advantages, but can add intricacy. Selecting the right orchestration tool is most important for business specific needs.
Steps to create a PostgreSQL RDS instance in the Amazon cloud. We will cover some of the default settings and show how to connect to the instance once it is up and running.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now