Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
366
Views
0
Helpful
2
Replies

Two Active Internet Links?

Go to solution
marcosgeorgopoulos
Level 1
Level 1

‎06-10-2010 12:13 AM - edited ‎03-11-2019 10:57 AM

Hi Guys,

I know this can be done on other firewalls which support source based routing, but I was wondering if its possible on an ASA to have two active ISP connections? So for example if I wanted to force Network A's Internet traffic(which could be any public IP) to go out one ISP and force Network B's Internet traffic to go out another?

Could contexts be used to do this maybe?

cheers.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎06-10-2010 02:57 AM 

marcosgeorgopoulos wrote:
Hi Guys,
I know this can be done on other firewalls which support source based routing, but I was wondering if its possible on an ASA to have two active ISP connections? So for example if I wanted to force Network A's Internet traffic(which could be any public IP) to go out one ISP and force Network B's Internet traffic to go out another?
Could contexts be used to do this maybe?
cheers.

Marcos

Contexts would pretty much be the only way to achieve what you want assuming you have spare interfaces on the ASA for the context ie. do you have an inside interface for network A, one for network B and 2 interfaces for the outside connected to each ISP ? You could always use subinterfaces if you don't have spare physical interfaces.

Then with each context has it's own default-route ie. the relevant ISP.

Jon

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎06-10-2010 02:57 AM 

marcosgeorgopoulos wrote:
Hi Guys,
I know this can be done on other firewalls which support source based routing, but I was wondering if its possible on an ASA to have two active ISP connections? So for example if I wanted to force Network A's Internet traffic(which could be any public IP) to go out one ISP and force Network B's Internet traffic to go out another?
Could contexts be used to do this maybe?
cheers.

Marcos

Contexts would pretty much be the only way to achieve what you want assuming you have spare interfaces on the ASA for the context ie. do you have an inside interface for network A, one for network B and 2 interfaces for the outside connected to each ISP ? You could always use subinterfaces if you don't have spare physical interfaces.

Then with each context has it's own default-route ie. the relevant ISP.

Jon

0 Helpful

Go to solution
marcosgeorgopoulos
Level 1
Level 1
In response to Jon Marshall

‎06-10-2010 03:04 AM

Thanks John,

Yeah I had a hunch that would be the only way to go... Unfortunately the use of contexts would eliminate my ability to use the ASA VPN functionality.

ok, back to the drawing board.

Thanks again.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card