Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
246
Views
0
Helpful
1
Replies

routing from catalyst 4510 to two ASA

hwalden01
Level 1
Level 1

‎06-23-2016 11:09 AM - edited ‎03-08-2019 06:20 AM

I'm sure that this is simple and I'm trying to make it more complicated than it possibly is but here is what I'm trying to do. 

I have a catalyst 4510 and I'm trying to filter where the traffic from our servers goes out one ASA and then the traffic from the users goes out the other. 

What is the best practice to accomplish this?

Labels:
0 Helpful
1 Reply 1

Francesco Molino
VIP Alumni
VIP Alumni

‎06-23-2016 11:44 AM

Hi

For what you want to do, I will proceed with the 2 ASA in active/active (multiple context). For sure more details on your desired design could tell that maybe this is the wrong the solution.

You can do search on Cisco website about active/active. Let me paste a documentation :

http://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/ha_active_active.html#83388

The minding is:

  1. let's says you ASA1 and ASA2
  2. On ASA1 and 2 you create 2 contexts (1 production and 1 user)
  3. You make ASA1 primary for production context and ASA2 as secondary
  4. You make ASA2 primary for user context and ASA1 as secondary
  5. Then traffic for production (servers) will pass ASA 1 and fallback to ASA2
  6. The invert for user context

Hope this is clear.

Does that make sense for you?

Thanks

PS: Please don't forget to rate and mark as correct answer if this solved your issue


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful
Customers Also Viewed These Support Documents