Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
520
Views
0
Helpful
1
Replies

2 ISP Link

anthony.dyne
Level 1
Level 1

‎02-18-2012 10:10 PM - edited ‎03-11-2019 03:31 PM

Hi

Can we terminate 2 Internet link on ASA and get loadbalancing  + failover setup

Loadbalancing -  send http,https traffic on Link A  and other traffic on Link B

Failover  - If Link A fails then all traffic reroutes to Link B and vice-versa

Thanks

Anthony

Labels:
0 Helpful
1 Reply 1

Julio Carvajal
VIP Alumni
VIP Alumni

‎02-19-2012 02:07 PM

Hello Anthony,

As you migth know PBR is not supported on ASAs but there are some work-arounds to do it ( CISCO does not support it officialy) that could work.

The failover will be done by using SLA monitoring:

http://www.cisco.com/en/US/partner/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

For the PBR ( Send http and https on one link)

route ISP1 0 0 1.1.1.2 // Default route pointing to ISP1

route ISP2 0 0 2.2.2.2  2  // Default route with Metric 2 via ISP2

static (ISP2,inside) tcp 0.0.0.0 80 0.0.0.0 80

static (ISP2,inside) tcp 0.0.0.0 443 0.0.0.0 443

sysopt noproxyarp inside // important, otherwise it will cause routing issues as the ASA will start sending proxy-arps for all hosts on the inside.

nat (inside) 1 0 0

global (ISP1) 1 interface

global (ISP2) 1 interface

Do rate helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card