Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Bottom line is I struggle with ACLs and I feel like there should be a simpler way to do than what I currently have implemented. We're providing network/wireless/internet resources to another "business" that is loosely associated with us. Obviously t...
I'm about to implement PBR on our ASA to route guest network traffic out of our secondary WAN connection. I do have a couple questions about the configuration though. Primary WAN Gateway: 165.XXX.XXX.129Secondary WAN Gateway: 206.XXX.XXX.1Guest Netwo...
I'm about to implement PBR on our ASA to route guest network traffic out of our secondary WAN connection. I do have a couple questions about the configuration though. Primary WAN Gateway: 165.XXX.XXX.129Secondary WAN Gateway: 206.XXX.XXX.1Guest Netwo...
We currently have a ASA5516 firewall and our core switch is a Cisco 4500X. The 4500X is doing all our internal routing between VLANS and has a default gateway pointing to the ASA for outgoing traffic. We recently got a secondary WAN connection and I...
I recently setup a backup/fail-over ISP using this guide: https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118962-configure-asa-00.html We now want to switch over to the backup ISP as the primary for all...
Ahh, didn't think about the NATs needing the routes. The config is attached, I removed some info some it but the guts of it are still there. I haven't added in the PBR config to it though. !
ASA Version 9.8(4)
!
hostname xxxxxxx-asa
domain-name xxx...
By setting up a VLAN interface on the core with an IP address of 172.16.6.2, plugging the USG into that VLAN then giving the USG an IP of 172.16.6.1. Then I would add a static route in the core, something like this:ip route 10.255.10.0 255.255.255.0 ...
Sorry for not being more clear in my initial post. Pretty much the UniFi Security Gateway will be a second firewall that the second WAN terminates on. I’ll have a trunk connection between the USG and the 4500X. The USG’s only purpose though in this c...
