11-16-2016 07:21 AM - edited 03-12-2019 01:32 AM
Hi Team,
One of our client is having ASA 5520 with two ISP Link..Customer is expecting that Mail traffic flow to dedicated one ISP and remaining traffic flow to other ISP.If any one of the ISP goes down all traffic should work to availability ISP Link. Please help on this .
Thanks
Muthukumar
11-16-2016 01:28 PM
That's easy: Replace the outdated legacy ASA with an ASA-X and configure Policy-based routing. Ok, one part of this might not be that easy. But that's a task for the feature PBR which got introduced to the ASA in newer releases which is not available for the older models.
11-16-2016 08:44 PM
HI ,
I have attached ASA 5520 Tech support and Traffic flow details . Please find it and confirm that this model is support for PBR if supported please share the configuration document..
and one more thing customer is having two firewall , ASA in outside and cyberoam is Inside firewall.. Please help suggest how achieved the target..
Thanks
Muthukumar
11-17-2016 06:48 PM
Muthukumar
Support for PBR was added in release 9.4. Your 5520 does not run code that supports PBR. So unfortunately I must confirm that your 5520 does not support PBR.
HTH
Rick
11-17-2016 08:18 PM
HI,
You are talking about IOS version.. if yes I will upgrade the suggested IOS version 9.1.7..
Please confirm and if share the PBR configuration URL as well..
Thanks
Muthukumar
11-18-2016 06:28 AM
Muthukumar
PBR is not supported in 9.1.7. PBR is supported beginning in 9.4. I do not believe that 5520 can run that version of code.
HTH
Rick
11-18-2016 08:29 PM
Hi ,
Thanks for your response, I will inform to customer ISP link fail over only possible.. But One of other customer raising same query but they are having ASA 5525X.. Can you help me PBR routing document for this scenario..
Thanks
Muthukumar
11-18-2016 11:40 PM
11-18-2016 02:16 PM
After looking again at your traffic-flow- document, do you want to control outbound or inbound traffic? As already mentioned, outbound would be done with PBR which is not available for your platform. But for inbound traffic, you could use both of your ISPs. So, what exactly do you want to achieve?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide