04-07-2014 03:16 AM - edited 03-04-2019 10:44 PM
Dear All,
I have a customer who bought a Cisco ASA 5510 and a Cisco 1841 router. He has just subscribed to a new ADSL line from another ISP (WAN 2), which is connected to the Cisco 1841 router. Before that, they could connect via VPN to the Cisco ASA 5510 from the Internet through WAN 1 (leased line), and the VPN clients could access file sharing on the server (172.16.2.10).
Now the customer wants to use WAN 2 for VPN connectivity. We've already set up the ADSL link (dialer 1 to Internet) and NAT port 1723 to the ASA. But the VPN clients could not connect to the Cisco ASA 5510 (VPN server).
Kindly help to advise a solution.
04-07-2014 04:16 AM
Hi,
Are you saying that your customer wants his VPN clients to use the ADSL link rather than the leased line link? You should do a traceroute from the VPN client position, and see if you can ever reach the ASA external IP address via the ADSL link first. I imagine that the route taken depends on the BGP config of your 2 ISPs.
The thing with BGP is - it is the only protocol which allows you to control the path of inbound traffic arriving in to your network.
If the traceroute doesn't work, try a looking glass server to check the BGP AS-path to your destination.
HTH
Mike
04-07-2014 08:14 PM
Hi Luckymike33,
Yeah, my customer wants to use the ADSL link for VPN clients. I ran a traceroute from the VPN client and can reach the ADSL public IP (2.2.2.2), but it's the external IP of the 1841 router.
I tried plugging the ADSL link directly into the ASA 5510 and configuring a dialer on it. The dialer was configured successfully, but the ASA couldn't understand the dual route (route 1: dialer, route 2: to 1841).
Any help?
Note: I have just edited my diagram.
04-12-2014 03:43 AM
Any help?