cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
286
Views
0
Helpful
1
Replies

ASA multi-site configuration question

gilesc
Level 1
Level 1

We have just had two internet lines installed and active 20mb and a backup 2mb. The two lines are in different sites connected by a LES 1000 for Disaster recovery - both sites are in the same town.

I need to configure some ASA firewalls to support the lines and have the one on the 20mb active with another on the 2mb passive. As far as I can see there are two ways of doing this.

1. Use LAN-based failover with one firewall on each site.

2. Keep the firewalls seperate broadcast routes into my ospf network (as a /32 address) with different costs to ensure traffic always goes to the primary device.

As an added complication the devices will be running IPSec VPNs.

Any advise of how best to proceed would be very useful.

I have attached a diagram of the current plan for information.

Giles Cooper

1 Reply 1

smalkeric
Level 6
Level 6

The configuration guide for configuring firewaal on ASA is present in the following url which will be useful to you in configuring firewall on ASA.Examples of configs are also present.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/fwmode.html

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: