Hi
Bit of a strange question.
I have an ASA that has connections to two different ISPs. There are about 10 remote sites that connect into it over VPN. What I want to do is connect one interface to ISP 1 and another to ISP 2. The idea is that some remote sites use the ISP 1 interface address on the ASA as the primary VPN peer address and the ISP 2 address as the secondary peer address. Others use ISP 2 as primary and ISP 1 as secondary, so therefore the traffic is shared and they have a backup connection if one ISP link goes down. Does this sound possible? I have found a document on Cisco that explains how to track a route to a destination IP, and if this IP is unreachable the route disappears from the ASA routing table. But will the ASA be clever enough to send traffic to another peer if the route changes? Obviously there will be crypto access-lists that look the same and this might cause problems? Has anyone tried something like this before?
Thanks
----
Sunyasee