cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
1851
Views
0
Helpful
1
Replies

Configure Dual ISP on 5505 8.4

jasong
Level 1
Level 1

Hi there,

I am attempting to set up failover dual ISP on a 5505 running 8.4(4) with the Sec Plus  license.

Everything i have been able to reference so far, points to old commands not available or relevant in 8.4

For instance:

global (backup) 1 interface

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0

route outside 0.0.0.0 0.0.0.0 20.20.20.1 1

route backup 0.0.0.0 0.0.0.0 30.30.30.1 10

What is the new syntax that should be used to mimic these commands?  I have the sla and trach reachability configuration already set up.

any help is appreciated.

1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

I was actually just testing this out of interest today. I hadnt done Dual ISP before with the ASA alone as we have handled that in other upstream routers usually.

However this is what I configure and it worked fine. This is from an ASA5520 so only interface IDs/names should be different

interface GigabitEthernet0/0

description Primary ISP

nameif WAN-1

security-level 0

ip address 255.255.255.0

!

interface GigabitEthernet0/1

description Secondary ISP

nameif WAN-2

security-level 0

ip address 255.255.255.0

route WAN-1 0.0.0.0 0.0.0.0 192.168.101.1 1 track 200

route WAN-2 0.0.0.0 0.0.0.0 192.168.102.1 254

sla monitor 200

type echo protocol ipIcmpEcho interface WAN-1

num-packets 2

timeout 2000

frequency 3

sla monitor schedule 200 life forever start-time now

track 200 rtr 200 reachability

object-group network LAN-NETWORKS

network-object

network-object

nat (LAN,WAN-1) after-auto source dynamic LAN-NETWORKS interface

nat (LAN,WAN-2) after-auto source dynamic LAN-NETWORKS interface

Hope this helps

- Jouni

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: