Multiple VPNs between 2 peers


I have a request for an unusual design, and I do not know if there is a solution.

I need to tunnel several applications between 2 ASAs, each application corresponding to a dedicated VLAN behind my first ASA. The customer explicitly requires dedicated VPNs for legal and liability reasons, hence in theory I would need 3 tunnels between the same ASA peers.

I have searched in the literature but it seems that ASAs won’t allow for multiple VPNs between the same peers.

Would you have an idea on a possible design? Can I put 3 interfaces of my second ASA on the same network and pretend these are distinct hosts?


Hmm, I think if you try to configure a second peer with the same IP address, you will get an error.

You could look into Multiple Context though. This allows you to run “virtual” firewalls. I think you will be able to configure the same peer IP address in each context; you’d have to test it though.
