one is the primary link delivered as a cat5 ethernet hand-off from the internet provider.
the other is a backup adsl link provided by the same internet provider.
I'm trying to configure the ASA so that if the primary ethernet internet link goes down the backup adsl link is dialed-up and used, and when the primary ethernet link is restored the backup link is disconnected and routing goes back through the primary link.
i've been looking into this for quite some time and trying different things but im still unsure of the best way to do this because im fairly unfamiliar with using the pppoe client on the ASA, and im still fairly amature at configuring redundant links so im hoping someone can help me.
to give you some background on the setup:
ive got two ASA 5510's running asa software 8.2(2) 12 in an active/standby failover configuration and that works fine.
primary internet link is a 4meg/4meg ethernet hand-off with static ip subnets
the two ASA's outside interfaces and the ethernet link from the ISP connect in to a small switch.
secondary link is adsl2+ which adopts the same static ips from the primary link when the pppoe session is established which means when the pppoe session comes up traffic is no longer routed to the primary link.
The ADSL is delivered to the ASA via a DSL modem in bridge mode.
The two ASA's backup interfaces are connected to the DSL modems ethernet ports.
even though both internet links have the same ip subnets assigned they would have different next hops (i havent had a chance to check this but logically it would be true).
this site acts as the ipsec hub to various branch sites.
this site also has remote access ipsec for support staff.
this site hosts internet services like email and web
my first challenge appears to be configuring the ASA to know when the primary link is down. Since its an ethernet link, the ASA wont know anything is wrong unless the cable is physically cut or disconnected.
I know I can use sla monitor to ping test the isp end of the link to determine if its up or down.
the next challenge is getting the asa to start the pppoe session for the adsl only when the primary link is determined to be down, and to disconnect the pppoe session when the primary link is determined to be up.
Since bringing up the adsl connection stops all traffic bring routed to the primary internet link i dont want to bring up the adsl connection until the primary link is deemed to be down, otherwise all traffic will be unneccessarily routed through the slower adsl link.
And then lastly i need to make sure the access lists and static NATs still work after the primary link goes down and the backup link comes up - e.g. can people still hit the website, can mail still be delivered, or will i need to create another set of access lists and static NATs to work with the backup link.
I have Cisco 2960 switch & I am going to use MST for spanning tree Below is the configuration spanning-tree mst configuration name TEST-MST revision 1 instance 1 vlan 101 instance 1 vlan 102 I have 2 VLANS & I wa...
We are having issues with a WS-C2960X-48FPD-L running IOS 15.2(2)E7. Some ports are simply not working. We had POE issues on some of the ports and decided to upgrade to hopefully resolve those issues but this has now become an even bigger issu...
the scenario is :I'm replacing core Cisco switch 4506-E with switch 4507R-E. As I have one supervisor card on 4506-E and I'm going to take out all the card that I have in 4506-E and install it in the new 4507R-E. On the 4507R-E I have 2 slots for the supe...
Since its release in August of 2019, the SASE report released by Gartner has generated a lot of chatter regarding what SASE is all about. People are wondering whether it will be disruptive to the current network and network security designs and are curiou...
I tried to setup a virtual environment with 2960 switches and 2911 Router. In one part of the network where I connected PCs directly to the 2911 Router, I was able to communicate to the attached devices, having configured static route. In the th...