cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
337
Views
0
Helpful
2
Replies
Highlighted
Beginner

Adding second ISP to my LAN, but in different building?

I need to add a second ISP as a backup ISP. The second ISP was installed and is active. This was done before I started working here. I'm not sure on how to make this second ISP useable though. Here's my scenario

ISP 1  --> ASA 5510 --> Catalyst 3750  ----trunk---- Catalyst 3750--- trunk ---- Catalyst 3560 ------  ISP 2

How can I get ISP all the way back up to the ASA? Put the port that ISP 2 is plugged into on it's own VLAN? Say VLAN50 and then allow VLAN 50 on the trunks?                   

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Expert

Re: Adding second ISP to my LAN, but in different building?

Hello Abrrymnvette,

>> How can I get ISP all the way back up to the ASA? Put the port that ISP 2 is plugged into on it's own VLAN? Say VLAN50 and then allow VLAN 50 on the trunks?  

Yes, if you haven't a free interface on the ASA 5510 that woud be better from a security point of view.

IF you go this way you need :

to create vlan 50 on all involved catalyst switches

to allow vlan 50 in all trunk links

to make the ASA - C3750  a trunk link allowing at least  two vlans vlan 50 and the inside Vlan

to configure vlan based subinterfaces on the ASA

DO NOT configure an SVI in vlan 50 in any of your switches or the ASA can be bypassed.

Hope to help

Giuseppe

2 REPLIES 2
Hall of Fame Expert

Re: Adding second ISP to my LAN, but in different building?

Hello Abrrymnvette,

>> How can I get ISP all the way back up to the ASA? Put the port that ISP 2 is plugged into on it's own VLAN? Say VLAN50 and then allow VLAN 50 on the trunks?  

Yes, if you haven't a free interface on the ASA 5510 that woud be better from a security point of view.

IF you go this way you need :

to create vlan 50 on all involved catalyst switches

to allow vlan 50 in all trunk links

to make the ASA - C3750  a trunk link allowing at least  two vlans vlan 50 and the inside Vlan

to configure vlan based subinterfaces on the ASA

DO NOT configure an SVI in vlan 50 in any of your switches or the ASA can be bypassed.

Hope to help

Giuseppe

Beginner

Adding second ISP to my LAN, but in different building?

Thanks, that's exactly what I was thinking. Just needed confirmation from someone. Much appreciated!

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards