Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5505 with Backup ISP

I am working with a client that currently has an ASA 5505 with two ISPs for failover using a tracked interface.  I would like to configure logging so that the ASA will email us when the Primary ISP goes down and fails over to the backup.  Here is what I have so far...

interface Ethernet0/0

switchport access vlan 2

!

interface Ethernet0/1

switchport access vlan 12

!

interface Ethernet0/2

speed 100

duplex full

!

interface Ethernet0/3

switchport access vlan 22

speed 100

duplex full

!

interface Ethernet0/4

switchport access vlan 22

!

interface Ethernet0/5

switchport access vlan 22

!

interface Ethernet0/6

!

interface Ethernet0/7

!

interface Vlan1

nameif inside

security-level 100

ip address 192.168.0.1 255.255.255.0

!

interface Vlan2

nameif outside

security-level 0

ip address 50.76.252.33 255.255.255.248

!

interface Vlan12

nameif backup

security-level 0

ip address 168.93.174.130 255.255.255.248

!

interface Vlan22

nameif Phones

security-level 100

ip address 192.168.3.1 255.255.255.0

!

logging enable

logging buffered warnings

logging asdm warnings

logging from-address SBP-ASA@sp.local

logging recipient-address tony@litterio.com level errors

route outside 0.0.0.0 0.0.0.0 DG-Commcast 128 track 1

route backup 0.0.0.0 0.0.0.0 DG-FirstCom 255

sla monitor 123

type echo protocol ipIcmpEcho 73.120.130.1 interface outside

frequency 10

sla monitor schedule 123 life forever start-time now

track 1 rtr 123 reachability

Let me know if you need any more info from the config; it's quite long and not sure what all is needed...

The primary interface is Outside and the backup is obviously Backup

Thanks!

Tony

Everyone's tags (5)
2 REPLIES

ASA 5505 with Backup ISP

Hi Tony,

As long as the event covered under 'errors' list - inaddition to the above config, you need to add..

loging mail errors

smtp-server

Check the below link for more information on ASA message logging..

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00805a2e04.shtml

hth

MS

New Member

ASA 5505 with Backup ISP

Ah, thanks! 

I am trying to trck down the Syslog messages that are generated when that backup line is triggered and the primary switches back.  I set the ASDM to debug and recorded a bunch of captures but all I can find that resembles anything about a switch over is 1 - 622001 error about adding the tracked route...  Do you have any idea what other syslog errors would be generated?

553
Views
0
Helpful
2
Replies
CreatePlease login to create content