I have two Cisco ASA firewalls in disparate locations across my campus. They were purchased before I started and do not have SFP interfaces. I am trying to get some sort of HA established for VPN.
Here are my thoughts thus far:
- I could use media converters(but kind of a failure point in my view).
- I could do HA interfaces over a switch(concern is a switch failure in the middle) causing a split brain scenario.
- I did some reading and saw you could have two firewalls in the any connect client config. I was thinking that could be a good way to perform a software fail over. I was curious if anyone has deployed a setup in this manner and if they have had good experience with it?
No comments:
Post a Comment