10-21-2012 12:52 AM - edited 03-04-2019 05:55 PM
Hello,
In my company, we have two Internet connections, one for VPN and the other for emails and browsing. I have a Cisco 1841 router with dual ADSL links, and it's also connected to an ASA and to a PIX through one physical interface (VLAN 1 and VLAN 2). The PIX firewall is connected to users, and the ASA is for VPN only. How can I separate the traffic going to emails and browsing from the VPN traffic? I have got to the point that the router is configured for both ADSL connections, and I have also configured the access-list and route-map in the router. The thing is, when both ADSL links are configured together, none of them works. Any ideas what I am doing wrong?
Fuad Bazarah
10-21-2012 04:21 AM
When looking at your devices, it seems like the buying decisions were made completely independently, without thinking about how they would work together. All in all, for me it seems that it's all more complicated than needed.
I would change the complete setup the following way:
Remove the PIX, connect the ASA's outside interface to the static ADSL and the ASA's inside interface to the 1841. The 1841 is the DG for the users and has two static routes: the default route to the dynamic ADSL and the VPN pool to the ASA. On the router you should activate the IOS firewall for the connection to the Internet (you need a security license for that).
Another scenario is to remove the PIX and router completely. At least with the AnyConnect-Client you can use both ADSLs independently the way you want.
--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni