Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
662
Views
0
Helpful
1
Replies

Cisco ASA 5520 - Routing based on what Interface traffic comes in on

sstepun
Level 1
Level 1

‎03-27-2012 07:13 AM - edited ‎03-04-2019 03:49 PM

I have a situation that I am not sure is possible on the ASA but here it goes...

We have an ASA that has 3 IPSEC VPN tunnels and standard interenet trafic coming in on Int E0/0 that I need to have go out Int E0/1. E0/1 is directly connected to a Steelhead Riverbed 2020. The Traffic will need to come back out of the Steelhead Riverbed 2020 and into the ASA to Int E0/2. From here it needs to go out either Int E0/3 which is connected to a Catalyst 3560 Switch or back out Int E0/0 though one of the VPN tunnels. I attached a PDF with a diagram if that helps.

The reason we are doing this is we have Riverbed's at all our locations and they need to talk to each other to optimize traffic. Is this routing possible any other way than PBR (Policy Based Routing)? I am of the understanding that PBR is not supported on the ASA or PIX.

Any help would be appriciated.

Thanks!

Labels:
Preview file
360 KB
0 Helpful
1 Reply 1

nelsonw
Level 1
Level 1

‎12-22-2015 02:52 PM

For any tech that has had similar design issues, the answer is sadly quite simple:

ASA5500 series does not provide PBR.  Cisco added this feature in their new ASA5500X series in firmware 9.4.  This next gen firewalls are capable of PBR and additional great features such as packet inspection, which will provide you a more granular visibility and control of your traffic.

Hope this helps!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card