Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
326
Views
0
Helpful
1
Replies

how to use multiple ISP connection to 5510

Lasandro Lopez
Level 1
Level 1

‎02-08-2013 06:34 AM - edited ‎03-11-2019 05:58 PM

Dear all!
i've two cisco asa5510 with 4 FastEthernet interfaces each.
They are connected as below:

Firewall01                                                                                         Firewall02

Fa0/0 - ISP1 (offer VPN Services to Public IP address)                  Fa0/0 - ISP2 (offer VPN Services to Public IP address)

Fa0/1 - Lan connection                                                                     Fa0/1 - Lan Connection

Fa0/2 - DataLink to Customer01                                                      Fa0/2 - DataLink to customer02

Fa0/3 - Datalink to customer03                                                        Fa0/3 - Datalink to Customer04

to three different ISP each of them! The 4rth interface of each of them, is connected to internal LAN network. Both Firewalls, offers VPN Services to ISP connections on Fa0/0

How can i achieve high availability for this scneario?

is this possible to implement some HighAvailability and to offer the actual services to each of them, in case that the other firewall fail?

What about using subintefaces? can i connect bothe ISP and Customers links on one or each of them, in case that firewall01 fails, all the services to be online on firewall02?

What about if i use virtual contexts? in this case, i'll lose VPN services, right?
Please, give me your suggestions!

Regards!

1 person had this problem
Labels:
0 Helpful
1 Reply 1

jocamare
Level 4
Level 4

‎02-19-2013 08:37 PM

Versions after 9.0 all support VPN when running in multiple context.

This way you can have a context for each client and communicate the contexts using the "cascading" concept

Will also let you run the ASAs in failover and achieve redundancy.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card