Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
561
Views
0
Helpful
4
Replies

Cisco ASA Load sharing between two ISP's

Go to solution
alundin31
Level 1
Level 1

‎06-27-2008 06:49 AM - edited ‎03-11-2019 06:06 AM

Hi everyone,

The problem I'm having is that I have four configured interfaces. Two of them going to two different ISP's with two different networks configured. We can call them 10.10.1.0/24 and 10.10.2.0/24. The other two can be 192.168.1.0/24 and 192.168.2.0/24.

The default route is 10.10.1.1 going to ISP #1 and 192.168.1.0/24 is PAT'ed to 10.10.1.20

The problem is that I want to PAT 192.168.2.0/24 to 10.10.2.10 and send that traffic to 10.10.2.1, going to ISP #2.

How would I set this up?

Regards

Andreas

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
a.alekseev
Level 7
Level 7

‎06-27-2008 10:01 AM

This is impossible with ASA, but possible with a router.

Only one possible way is to split your ASA in two context.

and associate 10.10.1.0/24 192.168.1.0/24 with first context and 10.10.2.0/24 192.168.2.0/24 with the second.

But is this case you will lose all vpn functionality.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
a.alekseev
Level 7
Level 7

‎06-27-2008 10:01 AM

This is impossible with ASA, but possible with a router.

Only one possible way is to split your ASA in two context.

and associate 10.10.1.0/24 192.168.1.0/24 with first context and 10.10.2.0/24 192.168.2.0/24 with the second.

But is this case you will lose all vpn functionality.

0 Helpful

Go to solution
alundin31
Level 1
Level 1
In response to a.alekseev

‎06-30-2008 02:02 AM

Thanks for you answer, appreciate it.

0 Helpful

Go to solution
meetnnnn_cisco
Level 1
Level 1
In response to alundin31

‎07-02-2008 07:36 AM

Hi, We are freshers going through the article. We couldnt understand clearly your problem and the solution provided. Can u please explain the same.

0 Helpful

Go to solution
a.alekseev
Level 7
Level 7
In response to meetnnnn_cisco

‎07-02-2008 09:44 AM

PIX/ASA cannot do load balancing as a router do.

PIX/ASA cannot do policy based routing as a router do.

The default route is 10.10.1.1 going to ISP #1 and 192.168.1.0/24 is PAT'ed to 10.10.1.20

The problem is that Andreas wants to PAT 192.168.2.0/24 to 10.10.2.10 and send that traffic to 10.10.2.1, going to ISP #2.

How can we do this?

using two separated ASA (physicaly or logicaly)

the first - for ISP #1 and 192.168.1.0/24

the second - for ISP #2 and 192.168.2.0/24

If we use logical separation we use contexts on ASA.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card