ASA dual ISP backup VPN
This post covers the configuration of a policy-based Site-to-Site VPN on a single Cisco ASA Firewall (or HA failover pair) with dual internet connections on the head-end ASA. Topology The…
ASA Dynamic VTI
Cisco Secure Firewall ASA version 9.19 introduces the Dynamic Virtual Tunnel Interfaces (DVTI) route-based VPN, which is an alternative to a policy-based VPN (crypto map). VTI is always up, unlike…
ASA Active/Active
The Cisco ASA supports Active/Active failover mode, which allows both ASAs to pass traffic, allowing load balancing of network traffic. Active/Active Key Points Requires using multiple context mode. Refer to…
ASA Multiple Context
The Cisco ASA hardware appliances (not virtual appliances) supports partitioning the ASA into multiple virtual devices, known as security contexts. Each context acts as an independent device, with its own…
ASA Dual ISP using IP SLA
This post describes how to configure a Cisco ASA firewall for redundant/dual ISP connections, using the IP SLA and track features. IP SLA will be configured in conjunction with the…
IOS-XE FlexVPN Remote Access VPN
In this example FlexVPN Remote Access VPN users will authenticate to the Hub router using RSA certificates. Using the IKEv2 Name Mangler feature, the organisation-unit (OU) value will be extracted…