cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
325
Views
4
Helpful
1
Replies

Can ASA make PBR feature?

melatisariindah
Level 1
Level 1

Hi, I want to ask about ASA 5510.

I have 2 link to internet (int eth0 and int eth1).

I want to make rule like PBR in router. For example, I want 192.168.1.0/24 (inside) for internet go to eth0 and 192.168.2.0/24 (inside) for internet go to eth1. Can it be done by ASA?

Thx and best regards,

msi

1 Reply 1

Farrukh Haroon
VIP Alumni
VIP Alumni

The ASA/PIX does not support PBR to date. I've been told its on the roadmap.

As a work around, you could run multiple contexts, where contextA inside = 192.168.1.0/24 and contextB inside = 192.168.2.0/24

And also allocate the appropriate Internet interfaces to each context (with the default gateway pointing to the respective ISPs).

This link will get you started:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml

PLEASE NOTE: Dynamic Routing and VPNs are not supported in Multiple Context mode.

Another alternate, if the WAN links are terminated on a router (and not the firewall), you could use that router to do the PBR.

Regards

Farrukh

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: