Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
8197
Views
0
Helpful
10
Replies

Cisco ASA 5510 dual ISP Active/Standby Fail-over

Go to solution
santiago.jem
Beginner
Beginner

‎04-03-2013 02:24 PM - edited ‎03-11-2019 06:23 PM

Hello Experts,

I have a dual ISP, 1 primary and 1 secondary terminated on fa0 and fa2 on our ASA respectively.

ASA was configured so that, when the primary fails, the secondary kicks in. 

! INTERFACE CONFIG

interface Ethernet0/0                              <----- ISP_1

nameif outside

security-level 0

ip address dhcp setroute

!

interface Ethernet0/1

nameif inside

security-level 100

ip address 10.80.1.1 255.255.255.0

!

interface Ethernet0/2

nameif outside_p

security-level 0

pppoe client vpdn group ISP_2                    <----- ISP_2

ip address pppoe setroute

! SLA CONFIG

sla monitor 1

type echo protocol ipIcmpEcho 1.1.1.1 interface outside_p

frequency 10

sla monitor schedule 1 life forever start-time now

!

track 1 rtr 1 reachability

It was until yesterday that we experienced downtime on the primary ISP that the secondary doesn't do the fail-over.

I have to manually configure the device to use the secondary ISP.

Currently, I'm looking at maybe this has something to do with the licensing.

We are currently using a Base License, should we be upgrading to Security Plus?

Or am I missing something in my config?

Hope someone could point me out to the right direction.

Thank you.

Regards,

Jem

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
lcambron
Participant
Participant
In response to santiago.jem

‎04-09-2013 01:26 PM