Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
480
Views
0
Helpful
2
Replies

Source interface based routing

richyvrlimited
Level 1
Level 1

‎06-08-2023 04:54 AM

Pretty sure this isn't possible, but worth an ask.

I'd like to policy route some of our traffic based on application awareness. This is all being done by a Sophos XG and then routed via an alternate link to an ASA which is one of our internet /AnyConnect gateways.

As the ASA already has static routes inside for addresses any traffic the Sophos XG policy routes to the ASA is sent back via it's inside interface causing asymmetric routing.

I can fix this by NAT'ing outbound traffic that's been policy routed on the XG, however I can only do the NAT based on source/destination IP, not application awareness

Other than re-architecting the network, can I policy route traffic on the ASA so if the traffic was originally sourced from a specific interface then return traffic would be routed via this interface?

Cheers

0 Helpful
2 Replies 2

Flavio Miranda
VIP
VIP

‎06-08-2023 05:45 AM

Hi

 Policy based routing is supported on ASA from version 9.4.1.

https://www.networkstraining.com/cisco-asa-policy-based-routing-pbr/

 

0 Helpful

richyvrlimited
Level 1
Level 1
In response to Flavio Miranda

‎06-08-2023 06:20 AM

Not really what I asked. I know I can policy route based on source address. What I want to do is policy route based on the original source interface of the connection.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card