Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Cisco ASA5505 and 2 internet sources

I have 2 internet providers. How can set ASA

so on interface 0 I will have provider #1 with interface IP 192.168.1.1

and on Interface 1 provider #2 with interface IP 192.168.1.2

Then I'd like to have 5 computers with gateway 192.168.1.1 and another 5 with gateway 192.168.1.2

Is it possible ?

I know ASA offers just simple failover not load balancing like some cheap routers but I don't want failover just 2 gateways.

Thanks,

3 REPLIES

Re: Cisco ASA5505 and 2 internet sources

Hi Adam

Im a bit confused here. Would the 5 PCs on the same broadcast domain as internet router, and still pass through ASA ?? Its good to have firewalls do blocking on layer 3 !

Anyways, with regards to your question, you need to have ASA configured on multicontext mode to do effective load balancing.. with normal licenses, its tough to do load sharing, as the scenario you gave... you do can have dual default gateways on ASA, but the exact scenario you gave with 5 PCs pointing to one router, and 5 PCs onto a different router is not possible through ASA.. If you dont need ASA's, you can put the PC's directly on layer 2 with the router...

Regards

Raj

Community Member

Re: Cisco ASA5505 and 2 internet sources

Currently I have Cisco ASA5505 connected to T1 provider and

simple SMC router/firewall connected to Comcast.

:

T1 -> port0 ASA5505 -> port 2 LAN switch (ASA port2 IP 192.168.1.1) - 5 computers have this as a gateway.

Comcast-> SMC -> same LAN switch (SMC internal IP 192.168.1.2) - other 5 computers have this as a gateway.

I want to dispose SMC router and have ASA5505 to do the same job.

Hope this will clerify my original question.

Thanks

Cisco Employee

Re: Cisco ASA5505 and 2 internet sources

Or the ASA can run at layer 2, by being in transparent.

Routed mode makes it a L3 hop, and transparent makes it a bridge that firewalls.

I hope it helps.

PK

394
Views
0
Helpful
3
Replies
CreatePlease to create content