Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1155
Views
0
Helpful
10
Replies

Cisco ASA 5505 with Dual ISP and 2 networks

B. BELHADJ
Level 4
Level 4

‎05-08-2013 03:07 PM - edited ‎03-11-2019 06:40 PM

I would like to configure a Cisco ASA 5505 with Dual ISP (ISP 1 and  ISP2) and two networks (network 1 and network 2). My customer need that  clients in the network 1 connect to Internet with ISP1 and clients in  the network 2 connect with ISP2. If a failure occurs in ISP1 (just an  example) the network 1 clients connect with ISP2.

Any help please?

Best regards.

Labels:
0 Helpful
10 Replies 10

Julio Carvajal
VIP Alumni
VIP Alumni

‎05-08-2013 03:13 PM

Hello,

What you are trying to configure is known as Policy Based Routing ( Route based on certain patterns ) in your case it would be the source IP address, at this moment that is not possible on the ASA plataform devices so you might want to read the following document for further analisis,

https://supportforums.cisco.com/docs/DOC-15622

Regards

Julio Carvajal

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni

‎05-08-2013 03:17 PM

Hi,

With the newer softwares you might be able to configure the NAT so that one LAN network users one ISP and the other LAN network uses another ISP.

What is your current software level and license on the ASA?

I am not too sure about the tracking the ISP links though. It would probably take for the whole ISP interface on the ASA to go down for this to work.

- Jouni

0 Helpful

B. BELHADJ
Level 4
Level 4
In response to Jouni Forss

‎05-08-2013 03:30 PM

Hi Jouni,

My Cisco Adaptive Security Appliance Software Version is 8.2(1)

Best regards.

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to B. BELHADJ

‎05-08-2013 03:32 PM

Hi,

The solution I am thinking about wouldnt work with your software version.

I have only tested it on 8.4 - 9.1 software levels which have a totally different NAT configuration format.

- Jouni

0 Helpful

B. BELHADJ
Level 4
Level 4
In response to Jouni Forss

‎05-08-2013 03:36 PM

Hi,

If i upgarde my ASA IOS to 8.4 i will find a problem with my NAT configurations,  no?

Best regards

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to B. BELHADJ

‎05-08-2013 03:39 PM

Hi,

Yes, the NAT format would change completely. And depending how many configuration you have now it might be very confusing at start.

I couldnt really recomend upgrading the software in a hurry if you are not familiar with the new NAT.

- Jouni

0 Helpful

B. BELHADJ
Level 4
Level 4
In response to Jouni Forss

‎05-08-2013 03:54 PM

Thank you Jouni for your help.

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to B. BELHADJ

‎05-08-2013 03:35 PM

Hello Bouchaib,

Officially PBR is not supported on the ASA, There are severals way to hijack the ASA software with NAT statements to accomplish the same result  but is not officially supported and if it work will depend on the scenario, what version you are running,etc,etc.

What you can do is to set a router on the outside interface of the ASA to accomplish this ( that would be the only possibility right now)

Regards,

Julio Carvajal

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

B. BELHADJ
Level 4
Level 4
In response to Julio Carvajal

‎05-08-2013 04:30 PM

Thank you Julio for your help.

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to B. BELHADJ

‎05-08-2013 04:48 PM

Sure,

Any other question let us know,

Otherwise please mark the question as answered

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card