Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
323
Views
0
Helpful
1
Replies

ISP Load Balancing

Mohammed Ismail Shareef
Level 1
Level 1

‎08-10-2015 05:37 AM - edited ‎03-11-2019 11:24 PM

Hi,

I have a Cisco ASA 5510 Firewall and i am using two internet connections for failover. My ISP1 is always up and has VPN's but my ISP2 will only come up when ever the ISP1 is down. I am using SLA tracking to achieve that.

I want to use ISP1 for only VPN and ISP2 for all other traffic at the same time to utilize my both connections and most importantly i have voice traffic over VPN and thats getting distrubed.

Could anyone suggest how can i achieve that.

Regards

@Mohammed

Labels:
0 Helpful
1 Reply 1

Karsten Iwen
VIP
VIP

‎08-10-2015 06:11 AM

  1. Change your ISP-failover-config to make ISP2 the active one. When general traffic has to be processed on ISP2, then the active default-route has to point to ISP2. The default-route to ISP1 gets the higher admin distance.
  2. For RA-VPN, your clients continue to point to the ASA-ISP1 address.
  3. For S2S-VPN configure static routes for all remote-subnets and the remote gateways pointing to ISP1
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card