Solved

Cisco ASA multiple local peer IP addreses for L2L VPN

Posted on 2014-03-17
1
1,949 Views
Last Modified: 2014-11-12
I am trying to create VPN tunnels between my ASA and the AWS environment.

I already have one tunnel up and running successfully but I now need a second tunnel from  a second AWS environment to the same ASA on my side.

This seems to be a big no-no within AWS.

I can't have more then one tunnel from AWS to the same remote peer IP address.

I therefore need to setup a second peer IP address on my ASA in order to get the second AWS tunnel up and running. My ASA is currently using the IP address of the Outside interface as the peer address.

Am I able to configure my ASA with more then one public IP address to use for VPN peer connectivity and, if so, how do I go about implementing that ?

TIA
0
Comment
Question by:ccfcfc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
ID: 39934499
The tunnel configuration only defines the other endpoint; your local endpoint will always be the interface with the route to the far end.

You can accomplish what you're trying to do on the ASA only if you have multiple gateways/ISPs.  In that case, you could configure your routing so that one tunnel goes over one ISP (with that interface's source address), and another tunnel over the other ISP (with that interface's source address).




To accomplish this using just one ISP, you will need multiple VPN routers; fortunately, they need not be very powerful, depending on the volume of traffic.  Chances are, an 800-series router would be perfectly able to handle the traffic, and you just have to publish UDP 500 and UDP 4500 through your ASA.
0

Featured Post

Want Experts Exchange at your fingertips?

With Experts Exchange’s latest app release, you can now experience our most recent features, updates, and the same community interface while on-the-go. Download our latest app release at the Android or Apple stores today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the wake of AWS' S3 outage, we want to discuss the importance of storage and data diversification in the event of a hack, crash, or system disruption. We spoke with Experts Exchange’s COO Gene Richardson for a deeper understanding.
A 2007 NCSA Cyber Security survey revealed that a mere 4% of the population has a full understanding of firewalls. As business owner, you should be part of that 4% that has a full understanding.
Steps to create a PostgreSQL RDS instance in the Amazon cloud. We will cover some of the default settings and show how to connect to the instance once it is up and running.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question