Solved

Cisco ASA multiple local peer IP addresses for L2L VPN

Posted on 2014-03-17
Last Modified: 2014-11-12
I am trying to create VPN tunnels between my ASA and the AWS environment.

I already have one tunnel up and running successfully but I now need a second tunnel from a second AWS environment to the same ASA on my side.

This seems to be a big no-no within AWS.

I can't have more than one tunnel from AWS to the same remote peer IP address.

I therefore need to set up a second peer IP address on my ASA in order to get the second AWS tunnel up and running. My ASA is currently using the IP address of the Outside interface as the peer address.

Am I able to configure my ASA with more than one public IP address to use for VPN peer connectivity and, if so, how do I go about implementing that?

TIA
Question by:ccfcfc

Accepted Solution

by:
asavener earned 2000 total points
ID: 39934499
The tunnel configuration only defines the other endpoint; your local endpoint will always be the interface with the route to the far end.

You can accomplish what you're trying to do on the ASA only if you have multiple gateways/ISPs.  In that case, you could configure your routing so that one tunnel goes over one ISP (with that interface's source address), and another tunnel over the other ISP (with that interface's source address).




To accomplish this using just one ISP, you will need multiple VPN routers; fortunately, they need not be very powerful, depending on the volume of traffic.  Chances are, an 800-series router would be perfectly able to handle the traffic, and you just have to publish UDP 500 and UDP 4500 through your ASA.
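A sketch of the single-ISP option from the accepted answer, written for this page as an added example (not configuration from the thread or its participants): the ASA publishes only UDP 500 and UDP 4500 to a separate VPN router, which terminates the second AWS tunnel. It assumes ASA software 8.3 or later NAT syntax, a spare public address routed to the ASA, and an interface named `dmz`; every address and object name is a constructed placeholder.

```cisco
! Constructed example: all addresses are documentation ranges
! (RFC 5737) or private space, and all names are hypothetical.
!
! The VPN router behind the ASA, mapped one-to-one to a spare
! public address. AWS would use 203.0.113.11 as the peer address
! for the second tunnel.
object network VPN-RTR
 host 192.168.50.2
 nat (dmz,outside) static 203.0.113.11
!
! Tunnel endpoints on the AWS side for the second environment
! (placeholders; use the addresses AWS assigns to the connection).
object-group network AWS-VPN-PEERS
 network-object host 198.51.100.21
 network-object host 198.51.100.22
!
! IKE (UDP 500) and NAT-T (UDP 4500). With NAT traversal the ESP
! traffic is carried inside UDP 4500, so no other port is opened.
object-group service IKE-NATT udp
 port-object eq isakmp
 port-object eq 4500
!
! From 8.3 on, the ACL names the router's real address, not the
! mapped one. Only the AWS peers can reach the published ports.
access-list OUTSIDE_IN extended permit udp object-group AWS-VPN-PEERS object VPN-RTR object-group IKE-NATT
!
! If an ACL is already applied inbound on outside, add the permit
! line to that ACL instead of applying a new access-group.
access-group OUTSIDE_IN in interface outside
```

Limiting the source to the AWS tunnel endpoints keeps the router's IKE listener from being reachable by the rest of the internet, which a bare "permit any" on UDP 500 and 4500 would allow.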