Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
471
Views
0
Helpful
1
Replies

ASA - Inbound traffic on backup ISP connection

deyster94
Level 5
Level 5

‎11-04-2011 07:51 AM - last edited on ‎03-25-2019 05:47 PM by Community Manager

I have a client that has an ASA5520 that has two internet connections, FIOS and Comcast.  The ASA is configured to failover from the FIOS to the Comcast if the FIOS fails.  This works perfectly fine.  However, I was wondering if VPN and other inbound traffic will come into the secondary connection when it is active.  I think VPN will work inbound when the FIOS connection fails, but I am not sure about the other inbound connections.  I have looked around the forums and Cisco.com for an answer to this question, but cannot find anything definitive.

TIA,

Dan

Labels:
0 Helpful
1 Reply 1

Maykol Rojas
Cisco Employee
Cisco Employee

‎11-04-2011 10:03 PM

Hi,

No, you will need to add statics on the other link and if possible, either configure DDNs or create two entries on the DNS servers, one with the FIOS and the other with comcast.

For example if you have a Webserver, that device will need to have two public IPs, hence two static translations. That way, if the first link goes down, the client will try to use the other IP and of course will use the secondary link and then the secondary static nat entry will take effect.

Mike

Mike
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card