cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5033
Views
0
Helpful
4
Replies

Dual ISP's on Cisco ASA 5505

RICHARDYAWE
Level 1
Level 1

We have a cisco ASA 5505 with sec bundle plus

We have two ISP's:

ISP1 (Our IP = 30.100.150.50, gateway 30.100.150.8)

ISP2 (Our IP = dynamic, gateway 20.100.150.9) - ADSL

Our internal LAN IP range is 10.9.8.0/24

We want to configure the ASA 5505 to allow users via ISP2 for http traffic

We then want to use ISP1 for strictly VPN and access to internal web resources (eg OWA) as we have public IP's there.

Our idea was to configure two gateways on the ASA (e.g. 10.9.8.5 via ISP2 and 10.9.8.6 via ISP1)

Then give the users gateway 10.9.8.5 for web browsing etc

Is this configuration possible on the ASA 5505?

Can someone please assist with how it could be done if possible

Regards

4 Replies 4

varrao
Level 10
Level 10

Hi Richard,

What you are trying to attempt is an unsupported feature on the ASA, bcoz ASA cannot do policy-based routing as in like a router, although you can try the document below and give it a short. But again, it is unsupported feature and might or might not work, but it is a workaround for it.

https://supportforums.cisco.com/docs/DOC-13015

Hope that helps.

Thanks,

Varun

Thanks,
Varun Rao

Hi Varun,

Thanks for the information and link. I completely misunderstood the dual-isp purpose on the ASA. The workaround looks interesting but if it is not supported I wonder how secure it is. Have you ever used it?

Regards

Hi Richard,

I have seen it working but its not the best practice, it shoudl only be used when you are left with no option and your requirement is critical.

Thanks,

Varun

Thanks,
Varun Rao

what about dual isp for backup purposes with the outside ip being dynamic, is that possible? how?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: