Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

2 ASA 5510's and multiple internet connections

We have implemented multiple ASA 5510's. One with the AIP module and the other will have the CSC module. We have two bonded T1 lines but we want to implement a faster internet connection .

Here is the reason we would like to implement a faster connection. Our users use several web based applications. Some are inhouse and the others are SAS applications and thus internet traffic is really slow. So for the mean time until our faster connection arrives, we thought we could possibly do the following if possible

1. Order a faster internet connection (cable) for web browsing for the users and have them still have the ability to access the internal LAN

2. Leave our existing connection as is to service mail servers, websites, etc.

We have been told of load balancers and about purchasing another router, etc...So wanted to find out if this is possible to do with the two ASA 5510's

Thank you

Jose DeLeon

5 REPLIES
New Member

Re: 2 ASA 5510's and multiple internet connections

What kind of switches do you have on the LAN ?

Cisco Employee

Re: 2 ASA 5510's and multiple internet connections

If you have 2 T1s, I am not sure how you can make your lines faster. The bandwidth you have is limited.

Do you mean that you want to use both lines lead balancing between the ASAs having both pass traffic?

Hmmm, that can be done in an with multi-context ASA set up. You have 2 contexts on the ASAs. One context is passing traffic through one T1, and the other is passing traffic for the other T1. That way you are utilizing both contexts connected to 1 T1 each. Of course they will need to be some Policy Based routing/or Routing setup in general so that half the traffic goes to one context and the rest to the other.If the ASA's are doing VPN, you cannot go to multi-context mode though.

I hope it helps.

PK

New Member

Re: 2 ASA 5510's and multiple internet connections

Hi

If I read your Q correctly..

Long story short to your answer is "no", unless..you know the destination address of the Web based applications, you could define static routes for these and then send all other traffic over your fast connection.

Cisco Employee

Re: 2 ASA 5510's and multiple internet connections

If I read your Q correctly..

Long story short to your answer is "no", unless..you know the destination address of the Web based applications, you could define static routes for these and then send all other traffic over your fast connection.

You are right. Unless you have a way to distinguish what traffic takes one path and what the other you can't do it. So you would need to distinguish the destinations for example, or the destination ports (services) that go one way and the other in order to segment the traffic like that.

I hope it makes sense. Please rate helpful posts.

PK

Cisco Employee

Re: 2 ASA 5510's and multiple internet connections

ASA not a load balancer, but if you can clarify that you need outbound

http traffic from T1 line and rest of the traffic from T2 line than I can give you a workaround

685
Views
0
Helpful
5
Replies