Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
906
Views
5
Helpful
7
Replies

Which exit with multiple outside interfaces

Go to solution
jgadbois
Level 1
Level 1

‎12-05-2010 04:05 PM - edited ‎03-11-2019 12:18 PM

This has probably been asked and answered but.......

Let's say, for example, you have a ASA5510 and have set it up with two outside interfaces, A and B.  Both interfaces are connected to two different ISPs with different addresses.  The inside interface is setup with a private address and this is the default gateway for the inside users.  The question is, which outside interface does the ASA use?  Is this determined by it's security level?  Is it just random or the same interface all the time? I'm assuming proper NAT setup.

Jim

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to Jennifer Halim

‎12-05-2010 04:48 PM

I have listed some options here in this doc: https://supportforums.cisco.com/docs/DOC-13015

-KS

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Jennifer Halim
Cisco Employee
Cisco Employee

‎12-05-2010 04:11 PM

Dual ISP default gateway is not supported on ASA. This means that you can't have 2 default gateways configured for 2 external (outside) interfaces for load balancing purposes.

What is supported by the ASA is the following:

1) Choose 1 ISP to send the default gateway to, and configure the second ISP for failover (with the SLA monitor and tracking feature).

Here is a sample configuration for your reference:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

2) You can use the 1 ISP as your default gateway, and your 2nd ISP to only pass your static site-to-site vpn tunnel by configuring specific routes to reach peer networks.

Hope that helps.

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to Jennifer Halim

‎12-05-2010 04:48 PM

I have listed some options here in this doc: https://supportforums.cisco.com/docs/DOC-13015

-KS

0 Helpful

Go to solution
jgadbois
Level 1
Level 1
In response to Kureli Sankar

‎12-06-2010 06:48 AM

Poonquzhali,

Thank you also for the link.  I'm not sure why I couldn't find this.  After Jennifer's explanation I had a Homer Simpson moment.

Jim

0 Helpful

Go to solution
jgadbois
Level 1
Level 1
In response to Jennifer Halim

‎12-06-2010 06:44 AM

Jennifer,

Thanks for your reply.  I think you took it way too far because I was simply asking which interface but I am greatful for the extra info.

Jim

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to jgadbois

‎12-06-2010 06:59 AM

Jim,

I am not sure why you couldn't find the doc when you searched. May be I didnt' tag it right.

Could you pls. let me know what key words you used to search it so, I can tag it with those words as well.  Someone else had mentioned the same thing on our forum not too long ago.

-KS

0 Helpful

Go to solution
jgadbois
Level 1
Level 1
In response to Kureli Sankar

‎12-06-2010 04:51 PM

Poonquzhali,

I think I used something like "ASA5510" or "multiple interfaces" or multiple outside interfaces".  It could even have been a combination of these words.

Jim

0 Helpful

Go to solution
Kureli Sankar
Cisco Employee
Cisco Employee
In response to jgadbois

‎12-06-2010 05:08 PM

Ok. I already added these words as tags this morning.  If you search it now with these words and only chose documents you should see it as a first hit.  Any time you search make sure to only use ASA and not ASA5510 or ASA5540 or ASA5520.

Thanks,

KS

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card