cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
458
Views
0
Helpful
5
Replies

For Cisco Security processional

eng.taher_gabr
Level 1
Level 1

I have new internet connection line and i want to connect it with the primary internet connection through ASA 5510 ver 9.1

Kindly i need ideas

the first line is  working fine and want to implement the second line for load sharing purpose

 

Regards

 

5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

Cisco ASA firewalls do not support dynamic load sharing via multiple interfaces.

You can setup one to be a backup for the other but for true load sharing you need a router that terminates both lines and uses mechanisms like policy-based routing or BGP with full route tables to make decisions based on things like best path to a given destination.

HI Mr.Marvin

you are right ASA firewall not supporting load sharing ,

I like to tell you the whole situation :-

I have internet line through cisco router 3825 connected to ASA 5510 ver 9.1 then ( the ASA Inside Connected to untrusted interface Palo Alto Firewall then the trusted interface palo alto connected to core swithc 4506 E and to the inside network)

so , i have new internet line and i want to use the two lines at the same time between users with the same network design,,

 

please help about this  

Hi,

I think this should answer your query:-

https://supportforums.cisco.com/document/49756/asapix-load-balancing-between-two-isp-options

Thanks and Regards,

Vibhor Amrodia

 

thanks Vibhor ,,,

 

but it is not helping

 

So in the situation you described the second Internet connection would go to the 3825 router. There you would let the routing protocol (e.g. BGP) dynamically choose the best path based on the configured BGP metrics. This would depend on taking a full routing table and not simply a default route.

You could also optionally use a more advanced feature like Performance Routing (PfR) in the 3825.

In either case, the ASA would have a default route to the 3825 and not have any part in making the choice between path A and path B.

Review Cisco Networking for a $25 gift card