multplie gateways- one for HTTP traffic

itatcapital · ‎09-26-2006

Hello,

My network atthe moment is set up as:

WAN, with three sites

Site 1

Site 2

Site 3

Site 1 is behind a non-Cisco firewall, which is connected to the internet via a Frame Relay link (using a Cisco 1721 router). We host a number of servers on the Internal network and DMZ's.

All sites connect to the WAN using Cisco routers or switches.

All internet traffic (IN and OUT) for all sites goes via the non-Cisco firewall.

I am interested in the ASA 5510 with six interfaces.

Using the ASA 5510 is it possible to set up two (2) internet connections, one via the Frame Relay and a second internet connection via an ADSL connection?

Then, is it possible to direct the outward-bound traffic via specific gateways based upon either:

(a) the type of traffic, say HTTP from users behind the firewall; or

(b) the IP addresses of the host (i.e. users' PC versus the servers)

Any assistance is welcome.

Kind regards, Adrian

royalblues · ‎09-26-2006

Hi,

I use PBR in my router to force specific traffic via a specific interface.

The firewall does a PAT and these PAT ip address are diffrent for both the providers.

say HTTP traffic is patted to 1.1.1.1 and other traffic is patted to 2.2.2.2

I use policy on my edge router to make the decisions

route-map ADSL permit 10

match ip address 101

set ip next-hop

access-list 101 permit host 1.1.1.1 any

ip route 0.0.0.0 0.0.0.0

HTH

Narayan

itatcapital · ‎09-27-2006

Hi Narayan,

Thanks for the reply. It seems possibel then to send my outgoing HTTP traffic generated by users to another gateway.

The ASA 5510 uses a graphical interface (not sure if there is a CLI for that device), so do you know if it is still possible?

Kind regards,

IT@C