I have a number of remote sites connecting back to head office via Cisco ASA 5505s and Cisco PIX 506es. At head office we have an old Cisco 3000 VPN Concentrator, and a new Cisco ASA 5510.
The remote sites use Easy VPN to connect (so they show up as Remote Access sessions, not Lan2Lan).
I am in the process of migrating the remote devices to connect to the new 5510. I can have multiple VPN Servers in the config for failover, so I am adding the VPN Concentrator there. However, at the head office end, we currently have static routes set up to direct traffic for our remote subnets to either the 5510 or VPN Concentrator. This means that in a failover situation, manual intervention would be required to update the routes at head office.
We have Dell PowerConnect 6248s as core switches at head office - all the routing is configured on there at present. I'd like to get some kind of failover routing in place so if I take the ASA 5510 down for any reason, the connections still work. The endpoints can handle this failover, but the routing is currently all static. How can I achieve this?