Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
torrefacto
Explorer

How to configure main and secondary VPN's from checkpointFW to one ASA

 

How to configure two different VPNs (one primary and one secondary) to the Cisco ASA of a partner company, each one from a different ISP?

The idea is to have the maximum possible redundancy in case of loss of an ISP, VPN downtime....etc... to be able to continue working.

How could I configure the checkpoints for this? is it necessary to change the routes? and the Nateo?

 

Anyway, I am opened to whatever topology alternative.

 

I attached my topology proposal 

 

Best regards.

0 Kudos
3 Replies
PhoneBoy
Admin
Admin

A couple of questions:

  • How are the 1570s managed in this case?
  • The diagram seems to indicate the two ISP links are terminating on an external router off the WAN interface, is that correct?

 

0 Kudos
torrefacto
Explorer

Hi!

1 - They are master - Standby (ClusterXL)

2 - Yes, they are connected in level 3 switch the two ISP's routers. My Idea is (but i could be wrong) to have redundant VPN to the Cisco ASA in whatever situation. If the ISP1 router is down or the other one is down.

Kind regards.

0 Kudos
torrefacto
Explorer

Also to me more understandable, i want to do something like https://www.cisco.com/c/en/us/support/docs/security-vpn/security-vpn/216709-configure-failover-for-i...  but with two Checkpoint and one Cisco ASA instead of two Cisco FTD and one Cisco ASA.

 

Kind regards.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events