cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1600
Views
0
Helpful
5
Replies

Source Based Routing at ASA5520?

majaj
Level 1
Level 1

does ASA5520 support policy based routing

how to configure sourece based routing if its possible?

5 Replies 5

JORGE RODRIGUEZ
Level 10
Level 10

Mohammed, as far as I know the PIX/ASA's does not supports pbr.. if you explain what are you trying to do perhaps there could be other alternatives but as far as pbr configuration is concern in pix/asa it is just not posible.

Rgds

Jorge

Jorge Rodriguez

I have two IPS's , i want to send some traffic to one ISP and some traffic to other ISP based on source IP Address

This is possible, but i didnt try thiIs with firewall. I am currently running it on my cisco catalyst switch.

I have two routers connected with two different ISP and with different global Ip address pool.

These two routers inside interface are connected with cisco switch. This switch has the defualt route towards ISP A router.

On this switch i have configured the policy base routing.

route-map PBR permit 10

match ip address ISPB

set ip next-hop ISP B Router

access-list 101 permit ip ISP B global address pool any

By using this PBR, when my pix firewall nat the 172.28.32.0 network into ISP B global IP address, and send it to my catalyst switch. This switch send it

to ISP B Router as per the route map.

Rest of the traffic follows the default route. Bcz switch has the default route towards ISP A Router.

I never try this on firewall, but i think this is possible there also. you connect firewall two interface with two different ISP. Give default route

towards ISP A.

Then nat your one lan subnets into ISP A global address and 2nd lan subnet into ISP B global address.

Make the route map in firewall and set the next hop to ISP B.

make access-list that permits global IP address of ISP B.

Please let me know if that works or not.

Like someone said before PBR is not supported on ASA or PIX, but you can try configuring multiple context with different Default GWs.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml

onlyabhishek007
Level 1
Level 1

ASA does not support the policy based routing.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: