I have a network where I use two separate ISP connections at different locations within the same building. I would like to install an ASA 5520 on each connection, as we don't have any firewall at the moment. Some of my traffic from one segment to the other is going through externally. I would like to connect the two ASAs so internal traffic is routed between them and not externally. Is that possible, or is there another way? Thank you.
You could set up a Layer 3 link using a /30 private address between both core switches so that you route your internal traffic between both switches. Each side would use its own ASA to route to the Internet.
Let's say we have the following subnets:
Location A: 10.1.10.0/24
Location B: 10.1.20.0/24
Location A G0/0
interface GigabitEthernet0/0
 description connecting to Location B G0/0
 ip address 10.2.2.1 255.255.255.252
ip route 10.1.20.0 255.255.255.0 10.2.2.2
! default route to the Location A ASA internal address
ip route 0.0.0.0 0.0.0.0 10.1.10.254
Location B G0/0
interface GigabitEthernet0/0
 description connecting to Location A G0/0
 ip address 10.2.2.2 255.255.255.252
ip route 10.1.10.0 255.255.255.0 10.2.2.1
! default route to the Location B ASA internal address
ip route 0.0.0.0 0.0.0.0 10.1.20.254
You could get fancy and set up EIGRP and IP SLA or PBR for Internet redundancy on each side, but that is another story.
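A quick way to check the design in the answer above before touching the switches, as an added example that is not part of the original post: it models each switch's routing table and walks the longest-prefix-match decision hop by hop. The connected-route entries, the host addresses and the 203.0.113.10 Internet destination are constructed for the illustration.

```python
import ipaddress

# Static routes from the answer, plus the connected networks they imply (assumed).
# Each entry: (prefix, next hop or "connected").
ROUTES = {
    "A": [("10.1.10.0/24", "connected"), ("10.2.2.0/30", "connected"),
          ("10.1.20.0/24", "10.2.2.2"), ("0.0.0.0/0", "10.1.10.254")],
    "B": [("10.1.20.0/24", "connected"), ("10.2.2.0/30", "connected"),
          ("10.1.10.0/24", "10.2.2.1"), ("0.0.0.0/0", "10.1.20.254")],
}
LINK = {"10.2.2.1": "A", "10.2.2.2": "B"}   # /30 address -> switch that owns it
ASA = {"10.1.10.254": "ASA-A", "10.1.20.254": "ASA-B"}

def lookup(switch, dst):
    """Longest-prefix match, as the switch's routing table would do it."""
    ip = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nh) for p, nh in ROUTES[switch]
               if ip in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def next_hop_resolves(switch):
    """Every static next hop must sit on a connected network of that switch."""
    connected = [ipaddress.ip_network(p) for p, nh in ROUTES[switch]
                 if nh == "connected"]
    return all(any(ipaddress.ip_address(nh) in net for net in connected)
               for _, nh in ROUTES[switch] if nh != "connected")

def path(src_switch, dst, max_hops=4):
    """Follow next hops until local delivery or hand-off to an ASA."""
    hops, switch = [src_switch], src_switch
    for _ in range(max_hops):
        nh = lookup(switch, dst)
        if nh == "connected":
            return hops
        if nh in ASA:
            return hops + [ASA[nh]]
        switch = LINK[nh]
        hops.append(switch)
    raise RuntimeError("routing loop")

if __name__ == "__main__":
    # Constructed sample destinations: one host per site and one Internet address.
    for sw, dst in [("A", "10.1.20.5"), ("B", "10.1.10.5"),
                    ("A", "203.0.113.10"), ("B", "203.0.113.10")]:
        print(sw, "->", dst, ":", " -> ".join(path(sw, dst)))
```

Inter-site traffic stays on the /30 link in both directions and never reaches either ASA, so neither firewall sees one half of an internal flow.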