Multiple WAN connections, one firewall?

Unanswered Question

I am not sure if this is possible, and if it is, I am then not sure how this would be accomplished:

We will have 3 separate WAN connections provided by 3 separate ISP's coming into our office.  How may I set it up so that all three are firewalled using one ASA 5510?  I was told in passing that I could "just run them all through an edge router" then run that into the firewall, but upon further research, most routers are set to accept 1 WAN feed.  Is it possible to put a standard router outside of the firewall to combine the connections?  If so, what are the perils involved? 

We currently have 2 WAN connections with a small Watchguard appliance on each.  It would be nice to have one firewall appliance (the ASA 5510) and one edge router appliance (re-commission one of the Watchguards or another small router) to handle the whole situation. 

Obviously I am not a network administrator, but rather the "computer guy" naturally I am expected to wave my standard-issue magic "computer guy" wand and make it happen...that or press the "Any" key.  So please forgive my lack of knowledge on the subject.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Ganesh Hariharan Thu, 01/14/2010 - 00:07


It will best if you terminate your ISP links in router and do a Policy based routing based on the incoming traffic from LAN.I would suggest you to make setup in the below manner

                         ISP1 -----

                                                  Router---ASA--Local LAN

                         ISP2 -----

In this fashion you can configure load balancig of ISP and you can track the failure of ISP using IP SLA configuration in cisco routers.With the above setup only trusted traffic will be allowed in local lan which will be filtered by ASA.

Check out the below link on PBR to implement in routers

Hope that clear out your query !!




This Discussion