ASA 5515-X - Make INTERFACE1 to WAN1, INTERFACE2 to WAN2

informatique · ‎08-12-2014

Hi

I have an ASA 5515 with a INSIDE interface, GUEST interface, WAN1 (fiber with public ip's pool) and WAN2 (ADSL with public IP).

I would like GUEST interface to use the WAN2 ADSL, and my INSIDE Interface to use the WAN1.

Is it possible ?

In my dream, I would all my users to use WAN2 ADSL link, et only my servers to use the WAN1, but i think that without PBR it will be impossible...

Thanks for your help

Kevin

nkarthikeyan · ‎08-13-2014

Hi,

For your scenario 1:

I would like GUEST interface to use the WAN2 ADSL, and my INSIDE Interface to use the WAN1.

Is it possible ?

Nope. This is not possible with asa, if you want you can make one isp as primary and other one as standby. But you cannot do seperation of wan traffic to each segements.

Scenario 2:

In my dream, I would all my users to use WAN2 ADSL link, et only my servers to use the WAN1, but i think that without PBR it will be impossible...

There will be a small workaround for this... in this case you can have the default route pointed to ADSL link and so your endusers will have the traffic router via ADSL link. You can use the other link for doing a static NAT or port-forwarding of your servers.... so this will be fine for incoming connection to servers from outside. But if a server initiates a traffic then it will take the generic ADSL path.

You can try this out in LAB and theen go in prod environment.

Regards

Karthik