ASA5520 with multiple WAN. Require vlan and fileover
We have a ASA5520 with the 4 onboard ports.
DMZ LAN and Inside LAN take two of these ports. Currently we have 3 WAN connections (from 3 different sevice providers) and may get some more in the future.
Can we put all the WAN connections into the one interface using vlans ? And also is it possible to do failover with this type of set up ? That is if one WAN link goes down traffic can be routed out another vlan ?
What is the best way to do this set up ? Can you use floating static routes maybe ?
(Unfortunately, the expansion slot is reserved for an IPS card so we dont have the option to add in an SSM 4GE card to get more intercfaces )
Re: ASA5520 with multiple WAN. Require vlan and fileover
The failover on an ASA is just for chassis failover. Meaaning that it can not detect a failed WAN connection and reroute to the other firewall. A router can do what you require, then you could route the traffic to the firewall. You can trunk multiple VLANs on a single ethernet port, assuming you have the correct licensing.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...