cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
379
Views
0
Helpful
3
Replies

Dual ISP ASA and Dual Failover

mikedelafield
Level 1
Level 1

We have 2 separate sites linked via a 10MB connection with an ISP connection at each site (these ISPs are also or will be BGP peers for each other).

At each site there is 1 ASA firewall with a 10MB link to the alternate sites ASA firewall.

If the firewall on one site is unavailable I would like the 2nd firewall to take over as default route for all the subnets behind them. The heartbeat messages between the ASAs will take place over the 10MB dedicated link between the sites.

I would like to know the best way to set up. Ie... Cluster or Active / Passive Failover?

Furthermore if anyone has set up something similar to this and used a BGP resiliency solution from their ISP provider to do something like this before?

Thanks for your help

3 Replies 3

abinjola
Cisco Employee
Cisco Employee

how are ASAs connected ?

Lan----ASA2---Router 1---ISP1

Lan----ASA2---Router 2--->ISP2

How is ASA1 and ASA 2 connected ?

there is a dedicated connection between the 2 sites and the ASAs

there is a dedicated connection between the 2 sites and the ASAs

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: