I was able to make it work.

jeremy-rogers · ‎12-18-2014

I know this an "out there" question, but I have a remote office that has a sketchy internet. I have seen that my asa can handle 2 internet connections in a failover type scenario. I am trying to use a Mifi (cell internet) connection as the backup internet connection. I have need to maintain a site to site vpn using this router.

The problem is that the cell phone internet connection gives a private IP range. I have tested using the cell as the external interface. This works fine, but I am thinking I will run into problems trying to setup the site to site VPN when one side is using a private IP range.

Does anyone know if it is possible to make this work? Any help would be appreciated.

Karsten Iwen · ‎12-18-2014

Yes, that can work and is not that uncommon. You have to configure your HQ-gateway in a way that connections fron unknown IPs are accepted for VPN. If the HP also is an ASA, you can use the Default L2L tunnel-group for a S2S connection, or you can use the EzVPN functionality with the 5505 as a client and your HQ ASA as the Server.

jeremy-rogers · ‎01-08-2015

I was able to make it work. It automatically fails over and restarts the vpn. The only small problem is that the side with the cell phone connection has to initiate the vpn connection. It doesn't work both ways since the side that uses the cell connection has a private address. On the partner side, I had to setup a vpn to the public IP of the phone. This allows the phone side to initiate a vpn connection. So, in short, it works!

sunny54321 · ‎05-18-2021

Can you please show me your configs ?? how you set up your default route and VPN configs please?

Cisco ASA 5505 using cell phone internet connection