Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA5520 - Can I utilize two Outside ports on different ISPs?

Question:

We are in the process of migrating our ISP from two Sprint T1s to a 20Mb Fiber based connection. I have a new front end router(2911)  that will be in front of the ASA, and I have an empty interface on the ASA. Can I use both connections concurrently? I'm not trying to load balance or anything like that, and the new interface will have a new class C addresses. I want to be able to continue to use the T1s while I can slowly move services over to the new ISP and new interface on the ASA, and then eventually retire the original Outside interface for the T1s.

Is this possible? I figured that if I assign the interface the IP, setup the ACLs, and NATs, it would work, but I know that my default route, 0.0.0.0 is pointing to the IP of my router for my T1s.

Thanks in advance.

5 REPLIES
Cisco Employee

Re: ASA5520 - Can I utilize two Outside ports on different ISPs?

Unfortunately you can not have 2 default gateways concurrently pointing out from 2 different ASA interfaces. ASA is a stateful firewall, hence all traffic inbound and outbound should be symmetric, therefore, it can't have 2 default gateways pointing towards 2 different ASA interfaces.

Hope that answers your question.

Community Member

Re: ASA5520 - Can I utilize two Outside ports on different ISPs?

So would the suggestion to be make an all-in-one switch to the new ISP and public addresses?

Cisco Employee

Re: ASA5520 - Can I utilize two Outside ports on different ISPs?

Absolutely.. either L3 switch or router is capable of routing via different link.

I assume that your public range is already currently assigned to the current ASA outside interface, right?

Community Member

Re: ASA5520 - Can I utilize two Outside ports on different ISPs?

Yes I have IPs on my original Outside interface, and I will have a new

class C on this new interface.

On May 16, 2010, at 9:43 PM, "halijenn"

Cisco Employee

Re: ASA5520 - Can I utilize two Outside ports on different ISPs?

Assuming that after configuring the new interface with the new IP, you will be moving the default gateway on the ASA from the existing outside, to the new interface, right?

220
Views
0
Helpful
5
Replies
CreatePlease to create content