Solved: Wan switch with two ISP connections.

Aykhan · ‎01-20-2022

Hi, in our organization we will get second ISP connection for redundancy. We have only one firewall (not ha pair) at the edge. I want to know if we need wan switch between ISP connections and firewall. What will the advantages be?

balaji.bandi · ‎01-20-2022

Not sure what model ISP, if the ISP offers Ethernet, you can directly connect to the Firewall depending on the model.

You have 2 options :

1. You can split the load between ISP and do the Failover.

2. Only Failover if one ISP Fail, failover other ISP :

simple example config helps you as below :

https://integratingit.wordpress.com/2019/11/24/asa-dual-isp-using-ip-sla/

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Georg Pauwen · ‎01-20-2022

Hello,

not really sure what you are after. A switch in front of the firewall ?

Do you have an ASA ? If both ISP connections terminate on the same ASA, a switch would not add anything.

You can configure the ASA for ISP redundancy:

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118962-configure-asa-00.html

balaji.bandi · ‎01-20-2022