12-06-2011 12:25 AM - edited 03-11-2019 02:59 PM
We have a cisco ASA 5505 with sec bundle plus
We have two ISP's:
ISP1 (Our IP = 30.100.150.50, gateway 30.100.150.8)
ISP2 (Our IP = dynamic, gateway 20.100.150.9) - ADSL
Our internal LAN IP range is 10.9.8.0/24
We want to configure the ASA 5505 to allow users via ISP2 for http traffic
We then want to use ISP1 for strictly VPN and access to internal web resources (eg OWA) as we have public IP's there.
Our idea was to configure two gateways on the ASA (e.g. 10.9.8.5 via ISP2 and 10.9.8.6 via ISP1)
Then give the users gateway 10.9.8.5 for web browsing etc
Is this configuration possible on the ASA 5505?
Can someone please assist with how it could be done if possible
Regards
12-06-2011 01:48 AM
Hi Richard,
What you are trying to attempt is an unsupported feature on the ASA, bcoz ASA cannot do policy-based routing as in like a router, although you can try the document below and give it a short. But again, it is unsupported feature and might or might not work, but it is a workaround for it.
https://supportforums.cisco.com/docs/DOC-13015
Hope that helps.
Thanks,
Varun
12-06-2011 04:19 AM
Hi Varun,
Thanks for the information and link. I completely misunderstood the dual-isp purpose on the ASA. The workaround looks interesting but if it is not supported I wonder how secure it is. Have you ever used it?
Regards
12-06-2011 05:10 AM
Hi Richard,
I have seen it working but its not the best practice, it shoudl only be used when you are left with no option and your requirement is critical.
Thanks,
Varun
06-04-2012 02:11 PM
what about dual isp for backup purposes with the outside ip being dynamic, is that possible? how?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide