Solved

Cisco ASA multiple local peer IP addreses for L2L VPN

Posted on 2014-03-17
1
1,870 Views
Last Modified: 2014-11-12
I am trying to create VPN tunnels between my ASA and the AWS environment.

I already have one tunnel up and running successfully but I now need a second tunnel from  a second AWS environment to the same ASA on my side.

This seems to be a big no-no within AWS.

I can't have more then one tunnel from AWS to the same remote peer IP address.

I therefore need to setup a second peer IP address on my ASA in order to get the second AWS tunnel up and running. My ASA is currently using the IP address of the Outside interface as the peer address.

Am I able to configure my ASA with more then one public IP address to use for VPN peer connectivity and, if so, how do I go about implementing that ?

TIA
0
Comment
Question by:ccfcfc
1 Comment
 
LVL 28

Accepted Solution

by:
asavener earned 500 total points
ID: 39934499
The tunnel configuration only defines the other endpoint; your local endpoint will always be the interface with the route to the far end.

You can accomplish what you're trying to do on the ASA only if you have multiple gateways/ISPs.  In that case, you could configure your routing so that one tunnel goes over one ISP (with that interface's source address), and another tunnel over the other ISP (with that interface's source address).




To accomplish this using just one ISP, you will need multiple VPN routers; fortunately, they need not be very powerful, depending on the volume of traffic.  Chances are, an 800-series router would be perfectly able to handle the traffic, and you just have to publish UDP 500 and UDP 4500 through your ASA.
0

Featured Post

Optimizing Cloud Backup for Low Bandwidth

With cloud storage prices going down a growing number of SMBs start to use it for backup storage. Unfortunately, business data volume rarely fits the average Internet speed. This article provides an overview of main Internet speed challenges and reveals backup best practices.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Azure, AWS and Google Cloud differences 2 24
AWS RDS Backups? 3 41
Allow IP range in sonicwall 1 17
Voicemail on Cisco Unity Express unit has quit working 6 27
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
Steps to create a PostgreSQL RDS instance in the Amazon cloud. We will cover some of the default settings and show how to connect to the instance once it is up and running.
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question