Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
192
Views
0
Helpful
1
Replies

ASA5510 traffic split on dual internet links

amrishp2300
Level 1
Level 1

‎10-19-2015 08:16 AM - edited ‎03-11-2019 11:46 PM

Hi All,

 

I have ASA5510 running with Software Version 8.3(2). There are two internet links - ISP1 and ISP2.

 

I want to use ISP1 link for remote users to reach this ASA for Anyconnect SSL VPN access.

And ISP2 link should be used for inside users to go out for http/https internet access.

 

I think PBR is not possible on ASA. Can someone help if there is any alternate configuration option for above requirements.

 

Thanks,

AP

Labels:
0 Helpful
1 Reply 1

Rishabh Seth
Level 7
Level 7

‎10-19-2015 10:48 AM

PBR is supported on ASA 9.4.1 and above.I don't think the release is available for legacy ASA firewall.

I can think of using NAT to pull this off but I am not sure if it will perfectly work. 

You can try creating a static NAT rule from insideto ISP2 and match destination port as 80 and 443 for users.

Eg.

Nat(inside,isp2) source dynamic object-internal interface destination any any eq 80

Similarly for 443.

 

This is not a substitute for PBR so you can try it if it works otherwise you will need to upgrade to use PBR on newer code.

 

Share your findings.

Thanks,

R.Seth

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card