Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
1433
Views
0
Helpful
4
Replies

ASA 5525x, 8.6 - multiple uplinks

ddindevanis
Level 1
Level 1

ā€Ž12-07-2012 03:34 AM - edited ā€Ž03-11-2019 05:34 PM

Hi,

I have a client with ASA 5525x code 8.6 failover bundle,

this client have inside1, inside2,inside 3 and outside 1, outside 2, and outside 3. inside1 has to go out and come in  with outside 1 and inside 2 to outside 2 respectievely.

please pass any idea or workarround..

regards

Labels:
0 Helpful
4 Replies 4

julomban
Level 3
Level 3

ā€Ž12-07-2012 05:13 AM

Hi,

You need to take in consideration that the ASA does not support policy based routing. The ASA only routes traffic based on destination IP and not by source as you trying to do, the ASA only handles 1 active default gateway.

This type of routing can be done on a router as they have the ability to route traffic based on source (inside1, inside2 and inside3) but the firewall does not.

Regards,

Juan Lombana

Please rate helpful posts.

0 Helpful

ddindevanis
Level 1
Level 1
In response to julomban

ā€Ž12-08-2012 07:06 AM

Hi

Thanks for your reply,

Can i achieve this creating multiple context on ASA.

.

Regards

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to ddindevanis

ā€Ž12-08-2012 08:40 AM

Hi,

If you divide them all to their own context there should be no problem with the routing but the whole setup naturally depends on what you are using with the ASA.

If you have the LAN networks default gateway on the ASA and just use Vlans to segment the LAN network there should be no problems with routing. If you have a L3 point on the LAN side before the ASA you will have to rely on either Policy Routing or VRF:s.

Also notice that when going to multiple context mode with the ASA you will loose some of the ASAs functionality. The most common used would be the VPN. Only in the latest 9.x versions you will get to use L2L VPN in multiple context mode but no other VPN works. I'm kinda hoping they would eventually support client VPN also.

Can you clarify why would the client want 3 separate interfaces?

- Jouni

0 Helpful

ddindevanis
Level 1
Level 1
In response to Jouni Forss

ā€Ž12-08-2012 11:26 AM

Thanks for the reply,

This Client have 3 LAN Segments and they have one Interent Connection of 10MB from one ISP, the client manage to get 3 VRF on MPLS CPE, (2+2+6 MBs), now I want to configure ASA to cater this requirements. LAN1 and LAN2 with 2MB and LAN3 for 6 MB.

LAN1 - 192.168.10.x /24

LAN2 - 192.168.20.x/24

LAN3 - 172.20.30.x/24

WAN1 -a.b.c.d/30

WAN2 a.b.c.e /30

WAN3 a.b.c.f /29

ASA 5525x  code- 8.6 Failover Bundle

Dear Experts, Please advice.

Regards

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card