Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA 5505 Split traffic on dual ISPs

I have an ASA 5505 current f/w & the security plus license (to get the 3 nameif interfaces). Can I split traffic between two ISPs, (VPN traffic to one destination on a T-1 on one VLAN, and all other traffic using DSL to another VLAN) and using a different nat policy on both? I know load balacing isn't supported, only failover. I was just wondering if there was a way to make this work.

3 REPLIES
Red

ASA 5505 Split traffic on dual ISPs

Hi Michael,

Such load balancing might not be possible on the ASA.

Thanks,
Varun Rao
Security Team,
Cisco TAC

Thanks, Varun Rao Security Team, Cisco TAC
VIP Purple

Re: ASA 5505 Split traffic on dual ISPs

I see your setup a little different then Varun. Perhaps you can clarify your setup.

If you have a default route to your DSL and more specific routes to your remote networks and your VPN-Peers to your T1, then that is no load balancing, only a simple load sharing based on routing. And that is supported on the ASA. Your NAT can also be different based on the outgoing interfaces.

ASA 5505 Split traffic on dual ISPs

Hi Micheal,

All you can do is a static route which is specific to VPN peers/VPN subnets pointing to the T1 link. Rest all other traffic you can have a default route to DSL link.

Please do rate if the given information helps.

By

Karthik

551
Views
0
Helpful
3
Replies
CreatePlease to create content