Thanks for your reply. On Sat, Sep 5, 2009 at 2:21 PM, Kingsley Charles <[email protected] > wrote:
> Hi > > In a context, I don't see the VPN support. The options for crypto command > are "ca" and "key" which are used for SSL/TLS, SSH and CA. > > pixfirewall/mine(config)# crypto ? > configure mode commands/options: > ca Certification authority > key Long term key operations > > > As per the given below link, VPN is not supported in multiple context: > > > http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/contexts.html > > *Snippet from the link* > > Unsupported Features > > Multiple context mode does not support the following features: > > •Dynamic routing protocols > > Security contexts support only static routes. You cannot enable OSPF, > RIP, or EIGRP in multiple context mode. > > •VPN > > •Multicast routing. Multicast bridging is supported. > > •Threat Detection > > •QoS > > •Phone Proxy > > > > > With regards > Kings > > > On Sat, Sep 5, 2009 at 12:20 PM, Stuart Hare > <[email protected]>wrote: > >> Dm >> >> I beleive this is referring to the stateful failover of IPSec >> connections thru the asa, and not terminating vpns direct to the asa. >> As far as I am aware VPN is still not supported in multiple context >> mode, whether it remains that way I'm unsure as nat has been added to >> v8 and they are gradually increasing the capabilities with >> virtualisation. >> >> Stu >> >> >> >> Sent from my iPhone >> >> On 5 Sep 2009, at 07:23, Dnyaneshwar Gore <[email protected]> >> wrote: >> >> > Hi All, >> > >> > As per ASA ver 8.0 configuration guide on page 4-2 (98, multiple >> > context mode does not support VPN. But in resource management >> > section, it says that max limit per context for IPsec session is 5. >> > Also in Failover section on page 15-1 (259) there is note in >> > Understanding Failover section that "IPsec or SSL VPN can not be >> > enabled in Active/Active stateful failover but VPN failover is >> > available for Active/standby failover." Active/standby failover is >> > possible in multiple context mode. That means VPN is supported in >> > multiple context mode. >> > >> > I am confused by these different explanations on VPN support in >> > multiple context mode. If we say that VPN is not supported in >> > multiple context mode then how VPN is supported in resource >> > management for multiple contexts and active/standby failover in >> > multiple context mode.? >> > >> > Regards, >> > D.M.Gore >> > _______________________________________________ >> > For more information regarding industry leading CCIE Lab training, >> > please visit www.ipexpert.com >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
