Cisco ASA5510 & Policy Based Routing

Unanswered Question
May 24th, 2010

Hi there,

We are proposing Cisco ASA 5510 to one of our customers. They intend to have two internet links - one ADSL Link and One Leasedline. The need us to configure the ASA to forward all internet traffic via ADSL links and use leased line for email and SAP traffic.

Can this configuration be done in Cisco ASA without any problems. Please advice me on any working configuration and reference files.

Thanks,

Arjun

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3 (1 ratings)
Loading.
Federico Coto F... Mon, 05/24/2010 - 06:53

Hi,

The ASA can handle this with no problems.

Just keep in mind that all interfaces on the ASA are ethernet interfaces and you cannot connect a DSL or serial link directly (you can with a converter).

Also, the ASA can have two ISPs with redundancy (not with load balancing).

Here's the data sheet for your reference:

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd802930c5.html

Hope to help.

Federico.

arjun-hegde Mon, 05/24/2010 - 07:06

Hi /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin;} Federico,

I am still not confident. My priority is to split the http traffic to adsl internet link(ISP link1) and  forward only email and SAP application traffic to leased line (ISP Link 2).

Please help me confirm or let me know if you have any working configuration.

Regards,

Arjun

Jon Marshall Mon, 05/24/2010 - 08:14

arjun-hegde wrote:

Hi Federico,

I am still not confident. My priority is to split the http traffic to adsl internet link(ISP link1) and  forward only email and SAP application traffic to leased line (ISP Link 2).

Please help me confirm or let me know if you have any working configuration.

Regards,

Arjun

Arjun

The ASA does not support PBR so you cannot do this. If you have a pair of firewalls you could run an active/active pair of contexts so that each context could have it's own default-route back out to the relevant ISP.

Jon

Ben Johnson Sun, 11/21/2010 - 18:59

So what would be a recommended solution to this situation?

That is also cost effective.

Ben Johnson Sun, 11/21/2010 - 20:40

Just found that document.  It wasn't here when I was trolling back a few months ago.

Thanks!

Actions

This Discussion

Related Content