Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
755
Views
0
Helpful
3
Replies

ASA 5505 Split traffic on dual ISPs

ivymike09
Level 1
Level 1

‎08-01-2012 07:28 AM - edited ‎03-11-2019 04:37 PM

I have an ASA 5505 current f/w & the security plus license (to get the 3 nameif interfaces). Can I split traffic between two ISPs, (VPN traffic to one destination on a T-1 on one VLAN, and all other traffic using DSL to another VLAN) and using a different nat policy on both? I know load balacing isn't supported, only failover. I was just wondering if there was a way to make this work.

Labels:
0 Helpful
3 Replies 3

varrao
Level 10
Level 10

‎08-01-2012 11:34 AM

Hi Michael,

Such load balancing might not be possible on the ASA.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks,
Varun Rao
0 Helpful

Karsten Iwen
VIP
VIP

‎08-02-2012 10:52 PM

I see your setup a little different then Varun. Perhaps you can clarify your setup.

If you have a default route to your DSL and more specific routes to your remote networks and your VPN-Peers to your T1, then that is no load balancing, only a simple load sharing based on routing. And that is supported on the ASA. Your NAT can also be different based on the outgoing interfaces.

0 Helpful

nkarthikeyan
Level 7
Level 7

‎08-03-2012 05:21 AM

Hi Micheal,

All you can do is a static route which is specific to VPN peers/VPN subnets pointing to the T1 link. Rest all other traffic you can have a default route to DSL link.

Please do rate if the given information helps.

By

Karthik

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card