cisco 1841 dual isp

Deepak Suryavanshi · ‎11-19-2013

hello experts,

I need help for configuring two ISPs in a active active mode.

here is the basic connectivity

(isp1) (isp2)

| |

| |

<<ASA 5520>>

|

Is it possible to configure an Active Active internet connection using two ISPs in the above seniario ?

currently I have configured only one ISP using <ISP1---Router---ASA5520> below is the config

Also suggest me if I can directly terminate both the internet connection to the ASA or is it advisible to use router ?

Router config

interface FastEthernet0/0

description "WAN IP"

ip address 14.x.x.x 255.255.255.252

speed 100

full-duplex

!

interface FastEthernet0/1

description "Lan ip"

ip address 14.x.x.x 255.255.255.248

duplex auto

speed auto

!

ip classless

ip route 0.0.0.0 0.0.0.0 14.x.x.1

!

ip http server

!

no logging trap

!

control-plane

Richard Burts · ‎11-23-2013

I can not determine from your drawing or from your description whether the 1841 routers each connect directly to an interface on the ASA or whether they connect through a switch. If each router connects directly to an ASA interface then creating an active/active will difficult. If the routers connect through a switch then the routers can communicate directly with each other and that will make it easier to split the traffic and create an active/active mode.

If you will be trying to do this there are some challenges that you will need to plan for:

- where will address translation be done (on ASA or on routers)?

- Will you use a dynamic routing protocol with the ISPs or use static routing?

- arranging for sharing traffic outbound in active/active is under your control and you can probably do it. But what will you arrange with the ISPs to achieve splitting traffic from the ISPs inbound to your network?

HTH

Rick

HTH

Rick

Deepak Suryavanshi · ‎11-23-2013

Initially I had decided to connect the routers directly to ASA but now I have added a L3 switch between ASA and the routers.

I have added /29 subnet to communicate between Router1, Router2, WAN L3 and ASA.

Currently internet is working on a single ISP. I am still now sure how do I accomplish load balancing can you help me how I proceed further should I use RIP or BGP.

Router1

interface FastEthernet0/0

description "ISP1 WAN IP"

ip address 1.1.1.130 255.255.255.252

duplex full

speed 100

!

interface FastEthernet0/1

description "Lan ip"

ip address 192.168.99.4 255.255.255.248

duplex auto

speed auto

!

Ip route 0.0.0.0 0.0.0.0 1.1.1.129

Ip route 2.2.2.1 255.255.255.248 192.168.99.1

Router2

interface FastEthernet0/0

description "ISP2 WAN IP"

ip address 2.2.2.230 255.255.255.252

duplex full

speed 100

!

interface FastEthernet0/1

description "Lan ip"

ip address 192.168.99.4 255.255.255.248

duplex auto

speed auto

!

WAN L3

interface GigabitEthernet1/0/1

switchport access vlan 11

switchport mode access

!

interface GigabitEthernet1/0/2

switchport access vlan 11

switchport mode access

!

interface GigabitEthernet1/0/3

switchport access vlan 11

switchport mode access

interface Vlan11

ip address 192.168.99.2 255.255.255.248

!

router rip

version 2

network 1.0.0.0

network 15.0.0.0

network 192.168.99.0

no auto-summary

!

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.99.1

ip http server

!

control-plane

!

line con 0

line vty 0 4

login local

line vty 5 15

login local

ASA

interface GigabitEthernet0/0

speed 1000

duplex full

nameif internet1

security-level 0

ip address 192.168.99.1 255.255.255.248

interface GigabitEthernet0/3

speed 100

nameif inside

security-level 100

ip address 192.168.88.2 255.255.255.0

global (internet1) 1 2.2.2.1 netmask 255.255.255.248----------------- Public IP from ISP2

nat (inside) 1 access-list internet-inside

route internet1 0.0.0.0 0.0.0.0 192.168.99.4 1

Thanks & Regards

Deepak