Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Dual ISP support on Cisco ASA 5520

1) At present we are having ISP1 terminated directly on ASA firewall ethernet interface(say eth0). Currently this link is being used for Internet browsing.

2) We are planning to have ISP2, which will b terminated on to another ethernet interface of ASA firewall(say eth2). Planning to use this ISP2 dedicated for IPsec site to site VPN with remote office.

Once the above config works..

3) We wish to use these two links in redundant mode .. for ex..if ISP1 goes down all the internet users traffic must be flow through ISP2, same way if ISP2 goes down, IPSec tunnel traffic to b flown through ISP1.

Let me know above requirement can b fulfilled with ASA box.

Thanks,

Siva

3 REPLIES
Silver

Re: Dual ISP support on Cisco ASA 5520

Hello,

ASA does support dual ISP. This can be accomplished by using the track option. Below you can find a document that shows how can this be implemented.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

Hope this helps,

Appreciate your rating,

Regards,

New Member

Re: Dual ISP support on Cisco ASA 5520

Siva,

Follow the example below and let me know if you have specific questions.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

Please rate if you find the provided information useful

New Member

Re: Dual ISP support on Cisco ASA 5520

This looks like an interesting solution for the 'local' side, ie, your ASA. But you mention that there's an L2L IPSec tunnel between this device and another. Presumably, the other device has a map pointing to this ASA as its VPN peer.

This proposed solution does not encompass any way to tell this other device that 'map 1 is down use map 2'. Unless you have an ASA at the other side of your tunnel that can also use this feature?

regards

Gary

278
Views
0
Helpful
3
Replies
CreatePlease to create content