08-01-2012 07:28 AM - edited 03-11-2019 04:37 PM
I have an ASA 5505 current f/w & the security plus license (to get the 3 nameif interfaces). Can I split traffic between two ISPs, (VPN traffic to one destination on a T-1 on one VLAN, and all other traffic using DSL to another VLAN) and using a different nat policy on both? I know load balacing isn't supported, only failover. I was just wondering if there was a way to make this work.
08-01-2012 11:34 AM
Hi Michael,
Such load balancing might not be possible on the ASA.
Thanks,
Varun Rao
Security Team,
Cisco TAC
08-02-2012 10:52 PM
I see your setup a little different then Varun. Perhaps you can clarify your setup.
If you have a default route to your DSL and more specific routes to your remote networks and your VPN-Peers to your T1, then that is no load balancing, only a simple load sharing based on routing. And that is supported on the ASA. Your NAT can also be different based on the outgoing interfaces.
08-03-2012 05:21 AM
Hi Micheal,
All you can do is a static route which is specific to VPN peers/VPN subnets pointing to the T1 link. Rest all other traffic you can have a default route to DSL link.
Please do rate if the given information helps.
By
Karthik
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide