Can ASA make PBR feature?

Jun 4th, 2008

Hi, I want to ask about the ASA 5510.

I have 2 links to the internet (int eth0 and int eth1).

I want to make a rule like PBR on a router. For example, I want 192.168.1.0/24 (inside) to go to the internet via eth0 and 192.168.2.0/24 (inside) to go to the internet via eth1. Can it be done by the ASA?


Thx and best regards,

msi

Farrukh Haroon Thu, 06/05/2008 - 02:32

The ASA/PIX does not support PBR to date. I've been told it's on the roadmap.


As a workaround, you could run multiple contexts, where contextA inside = 192.168.1.0/24 and contextB inside = 192.168.2.0/24.


And also allocate the appropriate Internet interfaces to each context (with the default gateway pointing to the respective ISPs).


This link will get you started:


http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml


PLEASE NOTE: Dynamic Routing and VPNs are not supported in Multiple Context mode.


Another alternative: if the WAN links are terminated on a router (and not the firewall), you could use that router to do the PBR.


Regards


Farrukh
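
A sketch of the multiple-context workaround described in the reply above, added here as an illustration and not taken from the original post or from Cisco's linked example. The interface numbering, the ISP addresses (documentation ranges), the gateway addresses and the `config-url` file names are all assumptions; the NAT lines use the pre-8.3 `nat`/`global` syntax.

```cisco
! --- System execution space (enter "mode multiple" first; the ASA reloads) ---
! Assumed cabling: Ethernet0/0 = ISP1, Ethernet0/1 = ISP2,
!                  Ethernet0/2 = inside 192.168.1.0/24, Ethernet0/3 = inside 192.168.2.0/24
interface Ethernet0/0
 no shutdown
interface Ethernet0/1
 no shutdown
interface Ethernet0/2
 no shutdown
interface Ethernet0/3
 no shutdown
!
admin-context admin
context admin
 allocate-interface Management0/0
 config-url disk0:/admin.cfg
!
context contextA
 allocate-interface Ethernet0/0
 allocate-interface Ethernet0/2
 config-url disk0:/contextA.cfg
!
context contextB
 allocate-interface Ethernet0/1
 allocate-interface Ethernet0/3
 config-url disk0:/contextB.cfg

! --- Inside contextA ("changeto context contextA") ---
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 198.51.100.2 255.255.255.252
interface Ethernet0/2
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
! Default gateway for this context points at ISP1 (constructed address)
route outside 0.0.0.0 0.0.0.0 198.51.100.1
nat (inside) 1 192.168.1.0 255.255.255.0
global (outside) 1 interface

! --- Inside contextB: same layout with Ethernet0/1 as outside (ISP2),
!     Ethernet0/3 as inside 192.168.2.1/24, and the default route to ISP2's gateway ---
```

Each context keeps its own routing table, so hosts in 192.168.1.0/24 can only leave through ISP1 and hosts in 192.168.2.0/24 only through ISP2; the two contexts also need separate access rules.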
