03-09-2008 08:40 AM
does ASA5520 support policy based routing
how to configure sourece based routing if its possible?
03-09-2008 06:38 PM
Mohammed, as far as I know the PIX/ASA's does not supports pbr.. if you explain what are you trying to do perhaps there could be other alternatives but as far as pbr configuration is concern in pix/asa it is just not posible.
Rgds
Jorge
03-09-2008 11:22 PM
I have two IPS's , i want to send some traffic to one ISP and some traffic to other ISP based on source IP Address
03-10-2008 02:26 AM
This is possible, but i didnt try thiIs with firewall. I am currently running it on my cisco catalyst switch.
I have two routers connected with two different ISP and with different global Ip address pool.
These two routers inside interface are connected with cisco switch. This switch has the defualt route towards ISP A router.
On this switch i have configured the policy base routing.
route-map PBR permit 10
match ip address ISPB
set ip next-hop ISP B Router
access-list 101 permit ip ISP B global address pool any
By using this PBR, when my pix firewall nat the 172.28.32.0 network into ISP B global IP address, and send it to my catalyst switch. This switch send it
to ISP B Router as per the route map.
Rest of the traffic follows the default route. Bcz switch has the default route towards ISP A Router.
I never try this on firewall, but i think this is possible there also. you connect firewall two interface with two different ISP. Give default route
towards ISP A.
Then nat your one lan subnets into ISP A global address and 2nd lan subnet into ISP B global address.
Make the route map in firewall and set the next hop to ISP B.
make access-list that permits global IP address of ISP B.
Please let me know if that works or not.
03-16-2008 03:38 AM
Like someone said before PBR is not supported on ASA or PIX, but you can try configuring multiple context with different Default GWs.
03-16-2008 09:39 PM
ASA does not support the policy based routing.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: