Re: Question regarding ASA and using security contexts with VPN

From: Farrukh Haroon (farrukhharoon@gmail.com)
Date: Thu Apr 10 2008 - 16:33:15 ART

• Next message: Dan.Thorson@seagate.com: "Re: LS1010"
• Previous message: Scott Morris: "RE: LS1010"
• Maybe in reply to: Peter Grewal: "Question regarding ASA and using security contexts with VPN"
• Next in thread: Peter Grewal: "RE: Question regarding ASA and using security contexts with VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Get something else then :). Netscreen for example supports PBR, BGP, also
support VPNs in both Transparent Mode and Virtual mode AFAIK. And its
amazingly easy to manage.

Or you could run the Cisco firewall in transparent mode. In version 8.x
transparent mode supports NAT. But then VPN is only supported to manage the
BOX (in transparent mode).
This again will not meet your requirements.

Or ask Cisco.........why are they ignoring these genuine needs (VPN support
in Active Active), PBR etc. for so long and introducing -non-so-necessary-
features like DTM, Per User SSL Portals etc?

Regards

Farrukh

On Thu, Apr 10, 2008 at 10:22 PM, Peter Grewal <peter@avient.ca> wrote:

> Doesn't meet my need of having group 1 using connection 1 and group 2
> using connection 2.
>
>
>
> Peter.
>
>
>
> *From:* Farrukh Haroon [mailto:farrukhharoon@gmail.com]
> *Sent:* Thursday, April 10, 2008 3:02 PM
>
> *To:* Peter Grewal
> *Cc:* ccielab@groupstudy.com
> *Subject:* Re: Question regarding ASA and using security contexts with VPN
>
>
>
> You can have an active/passive setup using tracking in the following way:
>
> http://www.cisco.com/warp/public/110/pix-dual-isp.html
>
> On Thu, Apr 10, 2008 at 9:43 PM, Peter Grewal <peter@avient.ca> wrote:
>
> Guys,
>
>
>
> So question, is it possible to connect two internet connections and route
> different traffic out, whilst supporting VPN ?
>
>
>
>
>
>
>
> *From:* Farrukh Haroon [mailto:farrukhharoon@gmail.com]
> *Sent:* Thursday, April 10, 2008 2:12 PM
> *To:* Peter Grewal
> *Cc:* ccielab@groupstudy.com
> *Subject:* Re: Question regarding ASA and using security contexts with VPN
>
>
>
> Peter, Dynamic Routing, QOS, VPNs are not supported in multiple context
> mode. As per the Cisco SEs, it is on the road-map tough.
>
> Source based Routing is also not supported to date (AFAIK).
>
> Regards
>
> Farrukh
>
> On Thu, Apr 10, 2008 at 8:44 PM, Peter Grewal <peter@avient.ca> wrote:
>
> Guys,
>
> I have a question, is there any way to get VPNs working with security
> contexts, if I use security contexts is there any way to terminate VPN
> sessions on the firewall ? Or does anyone know if the ASA firewalls
> support
> source based routing ?
>
> Thank you.
>
> Peter.
>
>
> Pass the CCIE in six weeks, Guaranteed!
> http://www.certscience.com/CCIE
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Pass the CCIE in six weeks, Guaranteed!
http://www.certscience.com/CCIE

• Next message: Dan.Thorson@seagate.com: "Re: LS1010"
• Previous message: Scott Morris: "RE: LS1010"
• Maybe in reply to: Peter Grewal: "Question regarding ASA and using security contexts with VPN"
• Next in thread: Peter Grewal: "RE: Question regarding ASA and using security contexts with VPN"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Thu May 01 2008 - 08:25:50 ART