Floating static route on ASA

songwh911
Level 1

I have 2 floors and 3 ISPs in my company network, and I would like to implement ISP failover with static routes. (diagram attached)

 

For Floor 2, ISP failover is set up with IP SLA tracking.

What I want to achieve is that, for Floor 1, if ISP1 fails, I want to redirect everything to the other firewall (192.168.100.2) and go through ISP2, then ISP3.

I tried to do it by pointing the destination address to 192.168.100.2 with a higher metric (205) with tracking, but failover didn't work. (route p2p 0.0.0.0 0.0.0.0 192.168.100.2 205 track 10)

 

For the ASA5516 on the left, I have static routes set up like this:

route p2p 0.0.0.0 0.0.0.0 192.168.100.2 205 track 10
route outside 0.0.0.0 0.0.0.0 1.1.1.2 95
route p2p 10.6.50.0 255.255.255.0 192.168.100.2 200
route p2p 10.6.51.0 255.255.255.0 192.168.100.2 200
route p2p 10.6.225.0 255.255.255.0 192.168.100.2 200

 

NAT rules are set up on the FTD on the right.

 

Can I get some help with this? Thanks in advance!

2 Replies

lresp
Level 1

Please include your track configuration. Also, are you advertising the valid default route from the device to the other with a routing protocol?

sla monitor 10
 type echo protocol ipIcmpEcho 1.1.1.2 interface outside
 num-packets 3
sla monitor schedule 10 life forever start-time now

 

I only have static routes in my environment, so no advertising default route, unless I'm missing some knowledge about route advertising.
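
An added example, not part of the thread or any poster's code: a small Python check over the route and SLA lines quoted above that reports which default route carries the `track` keyword and whether the pasted lines include a matching `track <id> rtr <sla-id> reachability` object. The function name and finding codes are hypothetical; the check relies on the fact that the ASA withdraws a static route only when the track object attached to that same route goes down.

```python
import re

# Constructed sample: default-route and SLA lines as quoted in the thread.
THREAD_CONFIG = """\
route p2p 0.0.0.0 0.0.0.0 192.168.100.2 205 track 10
route outside 0.0.0.0 0.0.0.0 1.1.1.2 95
route p2p 10.6.50.0 255.255.255.0 192.168.100.2 200
sla monitor 10
 type echo protocol ipIcmpEcho 1.1.1.2 interface outside
 num-packets 3
sla monitor schedule 10 life forever start-time now
"""

# route <if> <net> <mask> <gateway> [metric] [track <id>]; metric defaults to 1
ROUTE_RE = re.compile(r"^route (\S+) (\S+) (\S+) (\S+)(?: (\d+))?(?: track (\d+))?\s*$")
TRACK_RE = re.compile(r"^track (\d+) rtr (\d+) reachability\s*$")
SLA_RE = re.compile(r"^sla monitor (\d+)\s*$")


def audit_default_routes(config):
    """Return hypothetical finding codes for the default routes in an ASA excerpt."""
    defaults, tracks, slas = [], {}, set()
    for line in config.splitlines():
        if m := ROUTE_RE.match(line):
            ifc, net, mask, gw, metric, track = m.groups()
            if (net, mask) == ("0.0.0.0", "0.0.0.0"):
                defaults.append((int(metric or 1), ifc, gw, int(track) if track else None))
        elif m := TRACK_RE.match(line):
            tracks[int(m[1])] = int(m[2])       # track id -> SLA monitor id
        elif m := SLA_RE.match(line):
            slas.add(int(m[1]))
    findings = []
    if len(defaults) < 2:
        return findings                         # no floating route to audit
    primary = min(defaults, key=lambda r: r[0]) # lowest metric is installed
    if primary[3] is None:
        findings.append("primary-untracked")    # stays installed if the probe fails
    for route in defaults:
        track = route[3]
        if track is None:
            continue
        if route is not primary:
            findings.append("backup-tracked")   # withdrawn when the probe fails
        if track not in tracks:
            findings.append("track-undefined")  # no 'track N rtr M reachability' seen
        elif tracks[track] not in slas:
            findings.append("sla-undefined")    # track points at a missing SLA
    return findings
```

On the lines quoted in the thread this returns `primary-untracked`, `backup-tracked` and `track-undefined`, the last of which only means the `track` statement was not among the pasted lines.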