08-28-2012 05:36 AM - edited 03-11-2019 04:47 PM
We are in the process of implementing secondary ISP to our ASA firewall and I wondered if anyone else has configured something like this ??
We would like to run both ISPs in parallel so we can test until we finally cutover
Any help would be greatly appreciated
Thanks
Mark
08-28-2012 06:15 AM
The ASA only supports the concept of primary and backup ISP. You cant use both at the same time if you need a default-route for both of them. And if you want to test the new functionality on the new link you probably need that.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni
08-28-2012 11:41 AM
Hello,
You could implement the SLA monitoring, so you can have a redundant path in case you lost connectivity to the outside world via the primary ISP.
This will not allow Load-balancing.
As you might now there is no possibility to do PBR on the ASA, but just as a workaround you could send all HTTP and HTTPS traffic over a link based on nat rules... Or send all the VPN traffic over a link and then the rest of the traffic over the other one
Those are the two options you have
Remember to rate all the helpful posts
Julio
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide