cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4228
Views
0
Helpful
3
Replies

ASA 5505 with two ISP connections

mohammed.amer
Level 1
Level 1

I have an ASA 5505 with two internet connections to two different ISPs, i followed the document "ASA/PIX 7.x: Redundant or Backup ISP Links

Configuration Example

Document ID: 70559" in cisco site and it succeeded to move from the main ISP connection to the Backup ISP due to the failure in the main ISP connection , but the problem is that the firewall doesn't return back to the main ISP connection when it comes up again

anybody can help??

3 Replies 3

JORGE RODRIGUEZ
Level 10
Level 10

Could you post the asa config.

Rgds

Jorge

Jorge Rodriguez

bluisana
Level 1
Level 1

Were you able to make this work?  Is there a way to send notifications when the connection switches to failover or back to the main connection?

Yes, when a failover occurs it will log that in the syslogs and you can have these logs sent over as e-mail alerts.

Pls. refer here:

http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/l2.html#wp1773126

hostname(config)# logging mail critical

hostname(config)# logging from-address ciscosecurityappliance@example.com

hostname(config)# logging recipient-address admin@example.com

hostname(config)# smtp-server pri-smtp-host sec-smtp-host

I had answered something similar on another thread which you can read here:
https://supportforums.cisco.com/thread/2004158;jsessionid=8637C493FE7EE5B5A436EAEEAABE9C37.node0?tstart=0

CSCtc16148
CSCsk65652

Check them both out. Neither of them is resolved yet.

Symptom:

Route Tracking may fail to fail back to the primary link/route when restored.

Conditions:

SLA monitor must configured along with ip verify reverse path on the tracked interface.

Workaround:

1. Remove ip verify reverse path off of the tracked interface

or

2. add a static route to the SLA target out the primary tracked interface.

Further Problem Description:

N/A



-KS
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: