Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

2 ISP on ASA

Hello Experts

Looking at this example i found Two ISP can be terminated on ASA, Our requirement is to send HTTP traffic via ONE ISP and VPN traffic on Second ISP

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml#diag

Hope to get some help

Warm Regards

Joe

4 REPLIES

2 ISP on ASA

Hello Joe,

That is correct, what you are looking is a PBR implementation witch is not supported on the ASA BUT you can use this link my friend, witch based on your requirements it should do it:

https://supportforums.cisco.com/docs/DOC-15622

Regards,

Do rate all the helpful posts

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
Community Member

2 ISP on ASA

Si Julio

Thanks for sharing the url, what i understand from the url is to have Router and terminate both Internet link on it

ASA dont support two ip on the same interface so what IP I would configure between ASA and Internet Router.

Warm Regards

Joe

Community Member

2 ISP on ASA

Hi Julio

In the document you provided one of the solutions talk about "Route traffic based on destination ports". What are the ports if I need to pass through second ISP the VPN traffic?

Kind Rgards

Javi

Community Member

2 ISP on ASA

HI Joe,

A question about the VPN you are talking about : is it a site2site VPN where the Peer VPN ip address is well known ?

If yes, in that case, a solution would be to configure 2 static routes :

* one default for HTTP trafic (and all any other trafic than the VPN one)  via SP1

* one specific for the VPN peer ip address via SP2

Hope that help.

Vincent

1370
Views
0
Helpful
4
Replies
CreatePlease to create content