ASA 5512 Routing with BGP cutover

brb719648 · ‎01-28-2021

Hi All,

I am in a situation where I am trying to cut over clients one at a time from the existing wan connection to our new BGP circuit. The problem that I am encountering is that the return traffic is exiting out the current wan link and not over the BGP link where the traffic initially entered the device. Does anyone know a way to have the return traffic use the interface on which the initial traffic flow was built on ad there by a next-hop ip.

Thanks

TJ-20933766 · ‎01-28-2021

So you are sending traffic out the BGP link but return traffic is coming in on the WAN link? Sounds like you may need to call the ISP and talk with an engineer.

brb719648 · ‎01-28-2021

We host RDS server on our internal lan that clients have access to. They currently connect over our wan link, get natted to an internal IP and everything works great. When I try to move a client so their external IP is on the BGP link the return traffic from the RDS server doesn't exit the BGP interface. Instead it looks like the ASA is using the default route and still sending return traffic over the wan interface. I'm hoping I can use a route map to modify the next hop. I guess what I don't know is will the route-map be used for the return traffic if there is an existing flow already established.

MHM Cisco World · ‎01-28-2021

ASA with dual ISP
one is BGP
your Q about the Inbound or Outbound traffic ?

brb719648 · ‎01-29-2021

Technically there are 3 ISPs. 2 on the BGP side and 1 from our datacenter.