Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

creating a dual path from firewall to the lan


I have a very generic setup right now, it is like this:

asa --> catalyst switch --> wan

i need to put a proxy server between the switch and the firewall and it supports ospf (it's not cisco so no eigrp), i have 2 asa's and 2 switches but only 1 proxy server so am looking to connect the asa to the proxy server and a bypass directly to the catalyst in case the proxy fails.  I want the primary path from the firewall to go through the proxy and if that fails the routing to go directly to the switch.

should i use ospf between the three devices or eigrp between the firewall and switch and ospf between the firewall and  proxy?

how do i control the routes such that the traffic goes through the proxy and over the bypass if the proxy fails?

VIP Super Bronze

creating a dual path from firewall to the lan


You can run OSPF, but you have to change the cost on the interface connecting the ASA directly to the switch so it is higher then the interface that connects the firewall to the proxy directly.  If not ASA to switch would be the primary which you don't want.