cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
941
Views
0
Helpful
11
Replies

Need router dual Wan in front of ASA

markworsnop
Level 1
Level 1

I need to route based on the policy rules. ASA doesnt seem to do that, I want the business traffic on one WAN and the Internet and VOIP on the 2nd WAN. I was thinking the 1811 will do this. I already have an ASA working but cant route. Any suggestions?

11 Replies 11

paolo bevilacqua
Hall of Fame
Hall of Fame

Get the router.

When configured properly, you will find that you don't even need the asa anymore.

Mark,

ASA can't do that.

You can use cisco 1811 router to do that. Just create ACLs to classify traffic you want to redirect to each WAN link. If they are internet links please pay special attention to NAT.

HTH,

Toshi

I knew ASA couldnt do this, is the 1811 the right model? Sounds like it has the 2 WANS. Why wouldnt I need the ASA any more?

Mark,

You still need ASA for doing firewall jobs. Cisco 1811 router supports PBR. However it depends on how much traffic you are going to send them out of 2 Wan links. PBR is done on the process switch. You may check by using a "sh process cpu history" command when running this feature on. I used to configure Cisco 1721 router(2 internet links) for my customer with this features. It's fine. Like I mentioned, It depends. (grin)

HTH,

Toshi

Thank you very much for your help. I hate ordering the wrong stuff! :)

Mark,

I'm not sure that why you choose Cisco 1811 router. In case you want to add any WIC/HWIC for Wan interfaces. You may think about Cisco 1841 router. It has 2 WAN slots for you guys. (grin)

Edit: You need IOS feature set, IP services or higer for doing PBR on Cisco 1811 router(If you want to).

Note: I'm sleepy head now(4 Am). You may check things yourself. http://www.cisco.com/go/fn

HTH,

Toshi

I went to the comparison on the 1800 series and the 1811 was the 1st one that had 2 WANS. Why would the 1841 be better?

becase the router does a very good firewall also.

Leo Laohoo
Hall of Fame
Hall of Fame

Thank you very much for your help. I hate ordering the wrong stuff!

That's what e-bay is for. He he he ...

Joseph W. Doherty
Hall of Fame
Hall of Fame

BTW, how were you planning to control return traffic to WAN link?

Unless you control both directions with QoS, VoIP with any other traffic might degrade VoIP.

If you can provide QoS in both directions, unclear the advantage of placing traffic on dedicated links with PBR. Also, with PBR, gets a bit more complex assuming you want both links to "backstop" each other.

We have one internet connect we use for VPN to our other locations. Some of the locations are running RDP with the servers here.

The 2nd connection is supposed to be for the internet for the local office (here) just for uploading and downloading etc.

That is what started all of this. So I am hoping to route the http and ftp traffic on the one line, and the rest of it on the other line.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: