Showing results for 
Search instead for 
Did you mean: 

ASA 5510 with redundant dual ISP with DCHP?

I have an ASA 5510 with one primary ISP with a static IP block amd a 2nd ISP with DHCP IP adresses.

I want to use the 2nd as a backup if the primary fails.

I do have it setup as below, but it is not failing over when the primary goes down.

Result of the command: "sh run"

: Saved
ASA Version 8.2(2)
interface Ethernet0/0
nameif outside
security-level 0
ip address
interface Ethernet0/1
nameif inside
security-level 100
ip address
interface Ethernet0/2
nameif backup
security-level 0
dhcp client route distance 254
ip address dhcp setroute
dns domain-lookup outside
dns domain-lookup inside
dns server-group DefaultDNS
access-list inside_nat0_outbound extended permit ip any
access-list inside-networks standard permit
mtu outside 1500
mtu inside 1500
mtu backup 1500
icmp unreachable rate-limit 1 burst-size 1
global (outside) 1 interface
global (backup) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1
access-group outside_access_in in interface outside
route outside 128 track 1
sla monitor 123
type echo protocol ipIcmpEcho interface outside
num-packets 3
frequency 10
sla monitor schedule 123 life forever start-time now
track 1 rtr 123 reachability
dhcp-client client-id interface backup
dhcpd auto_config outside
: end

Result of the command: "show running-config sla monitor"

sla monitor 123
type echo protocol ipIcmpEcho interface outside
num-packets 3
frequency 10
sla monitor schedule 123 life forever start-time now

Result of the command: "show sla monitor configuration 123"

IP SLA Monitor, Infrastructure Engine-II.
Entry number: 123
Type of operation to perform: echo
Target address:
Interface: outside
Number of packets: 3
Request size (ARR data portion): 28
Operation timeout (milliseconds): 5000
Type Of Service parameters: 0x0
Verify data: No
Operation frequency (seconds): 10
Next Scheduled Start Time: Start Time already passed
Group Scheduled : FALSE
Life (seconds): Forever
Entry Ageout (seconds): never
Recurring (Starting Everyday): FALSE
Status of entry (SNMP RowStatus): Active
Enhanced History:

Result of the command: "show sla monitor operational-state"

Entry number: 123
Modification time: 08:53:30.913 UTC Fri Sep 14 2012
Number of Octets Used by this Entry: 1480
Number of operations attempted: 27449
Number of operations skipped: 0
Current seconds left in Life: Forever
Operational state of entry: Active
Last time this entry was reset: Never
Connection loss occurred: FALSE
Timeout occurred: FALSE
Over thresholds occurred: FALSE
Latest RTT (milliseconds): 1
Latest operation start time: 13:08:10.913 UTC Mon Sep 17 2012
Latest operation return code: OK
RTT Values:
RTTAvg: 1 RTTMin: 1 RTTMax: 1
NumOfRTT: 3 RTTSum: 3 RTTSum2: 3

Result of the command: "show route"

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
       * - candidate default, U - per-user static route, o - ODR
       P - periodic downloaded static route

Gateway of last resort is to network

C is directly connected, backup
C is directly connected, inside
S [1/0] via, outside
C is directly connected, outside
S* [128/0] via, outside

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards