Back ISP Connection Doesn't up

abhishek.shah · ‎02-28-2011

Hello,

I have asa 5505 with security plus license, I configured dual ISP with two different ISP provider. I followed below cisco document to configure dual ISP

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml#cli

The Configuration works during the testing, while removing the primary ISP cable from firewall. The problem i am facing is my primary ISP is down but the gateway is still up and it not switch over to backup ISP. For SLA which IP should i monitor so once my primary ISP is down it will fallback to Secondary.

Thanks

PAUL GILBERT ARIAS · ‎02-28-2011

If the monitored IP is still responding the backup interface will not take over. You might want to change the IP that you are monitoring to something further.

abhishek.shah · ‎02-28-2011

Thanks, For reply

The problem is my ISP had someproblem with internet connection, but gateway is still up, so its not fallback to backup ISP. Do you know any well known IP so i can ping that and once it not pinging my backup ISP came in picture.

Thanks...

PAUL GILBERT ARIAS · ‎02-28-2011

you can try with 4.2.2.2

abhishek.shah · ‎02-28-2011

Thnaks for reply,

I need a permanent solution, can i use this IP for my client deployment or not, i mean its allowed use others DNS as monitor IP Address.

Thanks,

PAUL GILBERT ARIAS · ‎02-28-2011

I don't know if it is allowed. You could ask your ISP if they have a next hop IP that you can use for monitoring in order to detect when your connection is down. Maybe 2 or 3 hops away from your connection.