03-13-2011 10:38 PM - editado 03-11-2019 01:06 PM
Dear Concern,
I have Cisco ASA 5520 . I want to deploy this in the following scenario.
In the above scenario management requirements are
Please suggest me how I will configure the ASA in the above requirements or if possible send me the configuration. Please find the attachment for diagram details.
Regards,
Imran
el 03-14-2011 07:11 AM
Just to let you. ASA can't have two active ISP connections at the time. You can have one active and the other as a backup using the IP SLA configuration. This is because you can't have two default gateways working at the same time for different interfaces.
I hope this helps.
el 03-14-2011 10:10 AM
This is not possible. He is correct the ASA will not support equal-cost load-balancing out the same interface.
One option that is probably out of the question would be multi-context the firewall. You could then specify FW1 with ISP1 as the primary and FW2 with ISP2 as the primary and use SLA for failover to the other ISP on each firewall.
You should be able to get that to work with some testing and such...
Other option would be to use the static routes with SLA and have ISP1 be the primary and ISP2 as the standby/ready firewall.
el 03-15-2011 10:16 PM
Thanks a lot for replying on my issue.
Actually VPN is configured on the ASA so multi-context not possible.
If I change the design and place a router outside of the ASA then will it fulfill the requirements? Please find the attachment for diagram.
Please note that there is ip address of ISP 1 mapping with mail server and also VPN.
if we user IP address of ISP 1 , in between ASA and router then how it go through ISP 2.
Please suggest me , what should be the design ?
Descubra y salve sus notas favoritas. Vuelva a encontrar las respuestas de los expertos, guías paso a paso, temas recientes y mucho más.
¿Es nuevo por aquí? Empiece con estos tips. Cómo usar la comunidad Guía para nuevos miembros