Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
768
Views
0
Helpful
2
Replies

Outbound WAN Load balancing Does not work on ASA 5510

sberkovitz
Level 1
Level 1

‎08-20-2008 09:03 PM - edited ‎03-11-2019 06:33 AM

Hi There

I have a Cisco ASA 5510 with two WAN connections. WAN Interface #1 is configured statically with a static route, and this interface also handles all inbound traffic. WAN Interface #2 is a Cable Internet service, which I want to route all Outbound traffic through (since i dont get charged for bandwidth on this line) but I also want certain traffic, such as SMTP and RDP traffic to always go through Wan Interface #1.

I used to be able to do this easily on my SonicWALL PRO 2040. I was hoping the CISCO ASA 5510 would be able to do this as well but it seems that all I can accomplish is an Active/Passive style WAN Failover, whereby if the first WAN Interface stops responding to Pings (Based on setting up a Track) then the 2nd WAN Interface will start forwarding outbound traffic.

Is there a way to make both WAN Interfaces handle traffic? This is ONLY for Outbound traffic and not Inbound traffic.

Thanks.

Labels:
0 Helpful
2 Replies 2

Marwan ALshawi
VIP Alumni
VIP Alumni

‎08-20-2008 10:20 PM

with cisco u can achieve what you want easly with a feature called PBR however this feature not availabe with cisco ASA

what can suggest you is have a look at the following link it might be helpful for you as it is address an issue similer to urs but not the same

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

note: with ASA active/active methodology you can achieve loadshareing but not load balancing regarding that with active/active u will not be able to use VPN because the Firewall will be operating in miltuple context mode !!

good luck

please, if helpful Rate

0 Helpful

Farrukh Haroon
VIP Alumni
VIP Alumni

‎08-21-2008 05:28 AM

As a temporary or band-aid type of solution you could put specific routes pointing out towards WAN interace # 1 for the RDP destinations. That is if you know before hand which sites you will be remotely connecting to. Otherwise this won't be possible with the ASA.

Regards

Farrukh

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card