Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2685
Views
0
Helpful
2
Replies

Cisco ASA version 8.4 using 2 ISPs as failover

Go to solution
cflanders
Level 1
Level 1

‎08-10-2011 01:30 PM - edited ‎03-11-2019 02:10 PM


I have a Cisco ASA 5510 and I am trying to set it up to be able to have it failover to the 2nd ISP connection if the 1st one ever went down.  I think I need a nat statement that the "backup" connection will use when the 1st connection goes down, but I am unsure what the nat statement is supposed to be.  I have added the commands that I am pretty sure that I need to add for the "backup" ISP connection.  Attached are those commands, the interfaces that are set up, and the objects that are set up in the ASA.  I would very much appreciate some help with what I am trying to accomplish.  Thank you in advance for your help.

Thanks,

Chris

Labels:
111598-Backup ISP ASA config statements.txt.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
NAGISWAREN2
Level 1
Level 1
In response to varrao

‎08-11-2011 07:41 PM

Yes... you got use IP SLA using object tracking... Please go to routing setting, on the default routing insert your ISP DNS(it could be anything but better to use ISP DNS) on tracking. Remember to do this only for your Primary Link. And then add another default routing poting to 2nd ISP without any tracking.

NAT should follow as same as Primarry link.

Regards, Nagis

View solution in original post

0 Helpful
2 Replies 2

Go to solution
varrao
Level 10
Level 10

‎08-10-2011 07:15 PM

Hi Christopher,

There is more to iot than just add a nat statement, I would suggest you to configure sla monitoring on th device, so that it does an automatic failover to backup ISP. Here is a very good doc for it:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

The nat statement that you might need to add is :

object network obj_any1

   subnet 0.0.0.0 0.0.0.0

   nat (inside,backup) dynamic interface

Hope this helps.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

Go to solution
NAGISWAREN2
Level 1
Level 1
In response to varrao

‎08-11-2011 07:41 PM

Yes... you got use IP SLA using object tracking... Please go to routing setting, on the default routing insert your ISP DNS(it could be anything but better to use ISP DNS) on tracking. Remember to do this only for your Primary Link. And then add another default routing poting to 2nd ISP without any tracking.

NAT should follow as same as Primarry link.

Regards, Nagis
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card