How to connect 5 ISP connections to Cisco ASA A/S Pair w/ Security Plus
Problem Details: HI -
I have a pair of Cisco ASA 5510's with Security Plus Licensing setup in Active/Standby
mode. I also have the AIP SSM device in each ASA.
At the main office there are 5 ISP connections. But only one of them goes through the ASA
pair. Between the two firewalls and the ISP i have a switch. The switch has the ISP
connection plugged in, then a wire going to each of the ASA's.
The other ISP connections go through their individual routers, then connect to our network
bypassing the Cisco ASA's.
They are used as follows.
ISP 1 - Internet (150Mb/s down, 35Mb/s up)
ISP 2 - SAN Replication (35Mb/s down, 35Mb/s up)
ISP 3 - AnyConnect VPN for remote staff (50Mb/s down, 10Mb/s up)
ISP 4 - Multiple bonded MPLS T1's for branch access (Terminal services and IP phones)
ISP 5 - 4G Internet (25Mb/s Up, 25Mb/s Down)(Not currently used)
My goal is to have all 5 ISP connections ultimately run through the ASA Pair. I added a crude picture of the desired setup. Sorry, i'm not at my PC so had to use MS Paint.
Is this a wise idea?
What hardware below do you recommend to make the following happen? I have spare 2811 Routers.
From what I understand I need to do PBR (Policy Based Routing), but have no idea what
hardware i would need.
1)Have each ISP connection failover to the ISP of my choosing. For example, I want ISP
1 to failover to ISP 2, and if ISP 3 is down then have it failover to ISP 5.
2) Have a Failover ISP link be active while waiting for a failover to happen. For example,
ISP 2 be active for SAN replication while it is waiting for ISP 1 to fail and if ISP 1
fails I don't want it to interrupt the current activity on ISP 2.
3) I want my AnyConnect VPN to failover between ISP 3 and ISP 5.
ENCS 5400 is a purpose built compute platform for branch networking. Multiple VNFs (virtual network functions) can be hosted in the ENCS platform with flexible connectivity options.
There are multiple Layer2 software and hardware entities in a typi...
how do we restrict a router interfaces from directly connected to Some vlans? can any one help me to figureout?the question is Router should not have interfaces directly connected to Vlan 30 and Vlan 40
I've got a one problem. Me and my friend have the same ISP. I checked my External IP address at WhatIsMyIp.com and my friend do it to. And we saw we have the same External IP.So my question is can 2 routers have the same External IP address?If i'm right 2...
LISP Protocol (Location Identifier Separation Protocol)! - The LISP protocol has become a brilliant stardom with the digital transformation that we are now experiencing. - Today we will talk about the LISP protocol and its advantages and method of p...