cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
531
Views
0
Helpful
5
Replies

ASA5505 02 ISP

aryancomputer
Level 1
Level 1

Hi,

I have to sugest a solution to my customer which can support 02 different ISPs simultaneously in active mode on ASA5505-SEC-BUN-K9. Is this solution possible.

Thanks & Regards

5 Replies 5

cdusio
Level 4
Level 4

Yes although load balancing isn't supported multiple default routes are through object tracking.

aryancomputer
Level 1
Level 1

Hi Thanks for your comment, it would be nice if you can explain more or give an example.

Thanks & Regards

Pls explain with an example, it would be really nice.

Thanks & Regards

Pls explain with an example, it would be really nice.

Thanks & Regards

Hello

First of all you can't have two ISP active at the same time in an ASA5505. This is because the ASA can only handle one default route.

The workaround would ony work whenever you know the destination you are looking for:

Lets assume this:

outside: 5.5.5.5 /27

inside: 10.10.10.0 /24

backup: 6.6.6.6/27

Interface backup is the secondary ISP

As default route you got:

route outside 0 0 5.5.5.6

for nat:

nat (inside) 1 0 0

global (outside) 1 interface

All unknown traffic from inside would use the default route and would be leaving through 5.5.5.6

The only way to force traffic out through the backup interface would be to know which destination you are looking for and force it through the secondary ISP

for example, adding a route like this:

route backup 200.0.0.0 255.0.0.0 6.6.6.7

All traffic meant to network 200.0.0.0/8 would leave through backup interface, using secodnary ISP. This is the only way to force traffic through a secondary ISP, and it will not create load balancing.

About previous reply of using object tracking that would be for using a Backup ISP. This means as soon as your primary ISP goes down, the secondary would take over:

https://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

Cheers

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: