Solved

Cisco ASA - configure backup L2L tunnels on backup Internet link

Posted on 2016-11-07
3
53 Views
Last Modified: 2016-11-14
We have a core network that has L2L tunnels with several spokes. Several spokes are 8.4 or higher and one spoke is 8.2.5.

The core has a backup Internet link -- let's call it Backup. Goal is to maintain L2L tunnels to the spokes if the primary internet on the core goes down.

On the core side, I've configured NAT to the (inside,Backup), and an access list to allow Backup_access_in.

On the spoke side, I've configured additional tunnel groups to the Backup on the Core. What else is required? Additional crypto maps?
0
Comment
Question by:d4nnyo
  • 2
3 Comments
 
LVL 16

Accepted Solution

by:
max_the_king earned 500 total points
ID: 41878326
Hi,
yes, on the spokes you need to add crypto map as well, not only tunnel groups.
Please note that you can add the backup public IP into each crypto map that already exists for the main site.
For example, on each spoke:
old crypto map:
crypto map outside_map 20 set peer 1.2.3.4
new crypto map:
crypto map outside_map 20 set peer 1.2.3.4 5.6.7.8

hope this helps
max
0
 
LVL 1

Author Comment

by:d4nnyo
ID: 41879303
Thanks. Is it better to re-creat existing crypto maps? Or add new ones?
0
 
LVL 16

Expert Comment

by:max_the_king
ID: 41879306
It must be The same crypto map. You may as well update the existing one.
max
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question