Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
693
Views
0
Helpful
5
Replies

vlan and two outside interface

aung.htwe
Level 1
Level 1

‎07-17-2013 11:29 PM - edited ‎03-11-2019 07:13 PM

Hi ,

Now my current asa 5510 is production as one inside interface (e0/1), one dmz(e0/2) interface and one outside interface(e0/0).

I want to add one more isp as outside 1 interface(e0/3).

Inside interface(e0/1) I will configure two vlans as one vlan for current network 192.168.1.0/24 and another one vlan for new network 192.168.10.0/24 to new isp with interface (e0/3).

Is it possible to work?

Aung

Labels:
0 Helpful
5 Replies 5

Jouni Forss
VIP Alumni
VIP Alumni

‎07-17-2013 11:49 PM

Hi,

So you are basically looking into configuring 2 separate LAN and WAN connections. Both LANs will use their own WAN link to ISP also.

I am not that sure about this on the 8.2 (or lower) software level but have tested this on 8.4 - 9.1 software levels. Then again this is not officially supported by Cisco so you would never know if it suddenly stopped working.

Generally Cisco ASAs support having 2 ISP links but only 1 of them would be active at one given time.

To have 2 different LAN networks use their own WAN link requires special NAT configurations to accomplish that.

What is your current software level on the ASA?

- Jouni

0 Helpful

aung.htwe
Level 1
Level 1
In response to Jouni Forss

‎07-18-2013 04:04 AM

Hi JouniForss,

Currently running version is ASA Version 8.2(5). That mean two ISP cannot active at the same time?

Thanks,

Aung

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to aung.htwe

‎07-18-2013 04:16 AM

Hi,

I have not tested or am not sure if there is really a way to accomplish this in the software you are running.

I have only tested this 8.4 - 9.1 software levels which use a completely different NAT configuration format compared to your software level.

Generally the CIsco ASA only support ISP failover. So only one ISP active at any given time. Some people might use Routing along with NAT configurations to enabled the use of both ISP but its not an officially supported setup.

On the newer softwares its easier to accomplish this with the NAT and that is the only thing I have tested.

- Jouni

0 Helpful

aung.htwe
Level 1
Level 1
In response to Jouni Forss

‎07-22-2013 07:28 PM

Hi Jouni,

Thanks your answer, I will try with the current software 8.2 first. Could I know when I configure the two outside interface

for two internal seperate network so I have to add default router. Is it work for both internal network? Do i need to use static route network1 route to router 1 and network 2 route to router 2. ?

Thanks,

Ko Htwe

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to aung.htwe

‎07-23-2013 05:08 AM

Hi,

I dont really know if this is possible in the software level 8.2 as I have not tried. I would assume its not possible as the 8.4 - 9.1 softwares use completely different NAT configuration format.

I WOULD NOT suggest updating above 8.2 before familiriazing yourself with the changes that came to the NAT configuration format in the 8.3 software.

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card