Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
388
Views
0
Helpful
5
Replies

WAN Multiple ISP’s and own public IP Addresses

smartin
Level 1
Level 1

‎01-06-2015 10:08 AM - edited ‎03-05-2019 12:30 AM

Currently running ASA 5545 (ASA version: 9.3(1)) with one 200 MB Internet connection connected to ASA via Cisco 3845 .

Recently installed second ISP (not used at this time) with a 10 MB connection with a separate Cisco 3845 (will be used for failover)

Just received from ARIN AS Name/Number and block of IPV4 addresses.

 

Questions, what is the best blueprint to address of our needs.

Do I use the second connection as a “failover” or do I increase the connection speed and use both connections.

I know I have to work with both providers to enable routing between them but what to use, BGP ?

 

Any white papers to address this would be grateful !

 

Labels:
0 Helpful
5 Replies 5

Reza Sharifi
Hall of Fame
Hall of Fame

‎01-06-2015 11:37 AM

Here is good link to start with

http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13762-40.html#conf5

As far BGP or not, with service providers, you usually have two choices, BGP or static.  With static you usually use a default route to each provider with different admin distance so one is primary and the other one backup. With BGP, you have a choice of default routes, partial routes or full routing table. Since you are using older devices (Cisco 3845) it is probably a good idea not to get the full Internet routing table which is about 600k right now. If you want to use BGP talk to your providers and maybe receiving a default route is a better choice.

HTH

 

 

0 Helpful

smartin
Level 1
Level 1
In response to Reza Sharifi

‎01-06-2015 11:40 AM

What about configuration of the ASA, what is the best topology when terminating two ISP's on the ASA, thanks.

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to smartin

‎01-06-2015 11:55 AM

I have never done it on ASAs.  Most people terminate their circuits on routers and keep the firewalls as security devices sitting behind the routers and do NAT, VPN, etc on them.   

 

0 Helpful

smartin
Level 1
Level 1
In response to Reza Sharifi

‎01-06-2015 12:02 PM

Correct the ASA will continue to do NAT, VPN, etc. but looking at this paper

https://supportforums.cisco.com/document/139051/dual-isp-implementation-asa I have several options to think about.

0 Helpful

Reza Sharifi
Hall of Fame
Hall of Fame
In response to smartin

‎01-06-2015 12:52 PM

It can be done on ASAs as long as the providers are handing off Ethernet to you.  You just have to size the ASAs to make sure it can handle everything you need.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card