Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
475
Views
0
Helpful
1
Replies

does asa version 8 support secindary ip? Policy based routing?

Mudasir Abbas
Level 1
Level 1

‎12-26-2010 03:54 AM - edited ‎03-11-2019 12:27 PM

Hi Experts,

my topology is this something like;

ASA 5520 -----|Outside VLAN| -----R1----| ISP1

                                          | -----R2----| ISP2

Proxy appliance is NAT'd on ASA, NAT is only for one ISP IP .. If that ISP goes down internet goes down for users accessing internet through that ISP.

What I saw in documentation, ASA limitaiton: No policy based routing, No secondary IP. Is there any work arround except static ARP entry?

What i think is, I should exempt NAT for proxy IP and let routers ISP1 & ISP2 do NAT. Both Rotuers will have NAT'ing statements. Using HSRP I can force ASA to forward proxy traffic to Active router (that has internet reachability tracked by HSRP).

Any suggestions?

Regards

Mudasir Abbas

Labels:
0 Helpful
1 Reply 1

Kureli Sankar
Cisco Employee
Cisco Employee

‎12-26-2010 06:45 AM

You are correct on both counts.  You can read about other options here: https://supportforums.cisco.com/docs/DOC-13015

Since this questions has come up many many times, I worte this document a while ago.

Dont' miss my ATE event Starts January 3, 2011: https://supportforums.cisco.com/community/netpro/ask-the-expert

-KS

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card