2 ISP on ASA

Joe.Mathews · ‎02-27-2012

Hello Experts

Looking at this example i found Two ISP can be terminated on ASA, Our requirement is to send HTTP traffic via ONE ISP and VPN traffic on Second ISP

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml#diag

Hope to get some help

Warm Regards

Joe

Julio Carvajal · ‎02-27-2012

Hello Joe,

That is correct, what you are looking is a PBR implementation witch is not supported on the ASA BUT you can use this link my friend, witch based on your requirements it should do it:

https://supportforums.cisco.com/docs/DOC-15622

Regards,

Do rate all the helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

Joe.Mathews · ‎02-27-2012

Si Julio

Thanks for sharing the url, what i understand from the url is to have Router and terminate both Internet link on it

ASA dont support two ip on the same interface so what IP I would configure between ASA and Internet Router.

Warm Regards

Joe

servytech · ‎03-28-2012

Hi Julio

In the document you provided one of the solutions talk about "Route traffic based on destination ports". What are the ports if I need to pass through second ISP the VPN traffic?

Kind Rgards

Javi

vincent.monnier · ‎03-30-2012

HI Joe,

A question about the VPN you are talking about : is it a site2site VPN where the Peer VPN ip address is well known ?

If yes, in that case, a solution would be to configure 2 static routes :

* one default for HTTP trafic (and all any other trafic than the VPN one) via SP1

* one specific for the VPN peer ip address via SP2

Hope that help.

Vincent