Re: ASA 5520 with two Internet Links

titomen77 · ‎07-20-2009

Hi,

I would like to know the best way to deploy a topology with 1 ASA 5520 and 2 Internet links. As the firewall doesn't make routing do I need a router between the ASA and the modems? or the ASA can handle the routing issue?

Also I have some doubts about the network addressing between the modems and the outside interface??

What is the best practice in this case?

mvsheik123 · ‎07-20-2009

Hi,

If you are going with static routes (no BGP kind of scenario) with 2 ISPs , the ASA can handle the failover. See the link below..

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

hth

MS

titomen77 · ‎07-20-2009

Hi,

well in this case the reason why we have 2 links is because one of them handles the public services (mail,DNS,WEB) and the other one is for internet browsing for internal users.

Does the topology suggested also works with the one that I have?

There is no failover or load balancing between the links.

mvsheik123 · ‎07-20-2009

In this case, I will go by assigning ISP1 IPs to mail,DNS,WEB servers and Internet traffic used with ISP2 IP (for global).

hth

MS

Kureli Sankar · ‎01-18-2011

Pls. refer this link as well. I have added a few good options and suggestions:

https://supportforums.cisco.com/docs/DOC-13015

-KS