Connection Cisco ASA

Unanswered Question
Mar 12th, 2008
User Badges:

Hi,


I want to connect my cisco ASA5505 directly to the routers of my provider. My provider has 2 separate router running HSRP in between. Can i connect port 1 of my asa to 1 provider router and port 2 to the other router, each configured as outside without placing a switch between asa and provider router?

I think it can as you create a default route to the hsrp address of the router interface and the hsrp will deliver it to the active router. So if 1 router fails it will deliver its traffic to the other? Is it also possible to build a vpn between other sites in this config?


I think it can but one of my colleagues is doubting about it.


Regards


J


Best regards


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
JORGE RODRIGUEZ Wed, 03/12/2008 - 15:31
User Badges:
  • Green, 3000 points or more

You have it right, yes you can, your asa can point its default route to hsrp address thats hsrp purpose router failover, and as you know trafic will go through active router and vice versa if active router fails standby becomes active and hrsp stays up.. as far as asa5505 already have a switch builtin, your outside interface if Im not mistaken is ethernet0/0 vlan 2 sec level 0, if you connect another port from asa to ISP standby router make sure is in vlan 2 just as your outside interface vlan.



HTH

Jorge

Actions

This Discussion