Overview

Multiple tunnels can be created for fail over or load balance purposes.

For ASA/FTD:

Each tunnel must terminate at a different DC unless you utilize different egress IPs per tunnel.

Example 1: if only 1 egress IP is shared for 2 tunnels, you need to terminate each tunnel to different head-end.

Example 2: If the tunnels has different egress IP, you can terminate both tunnels to the same head-end.

For other devices that support FQDN tunnel ID:

Multiple tunnels can terminate at the same head-end if FQDN tunnel ID are utilized.

For instance, if the tunnel ID are site1@12345678-987654321-umbrella.com and site2@12345678-987654322-umbrella.com. They can terminate on the same head-end.