Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

multplie gateways- one for HTTP traffic

Hello,

My network atthe moment is set up as:

WAN, with three sites

Site 1

Site 2

Site 3

Site 1 is behind a non-Cisco firewall, which is connected to the internet via a Frame Relay link (using a Cisco 1721 router). We host a number of servers on the Internal network and DMZ's.

All sites connect to the WAN using Cisco routers or switches.

All internet traffic (IN and OUT) for all sites goes via the non-Cisco firewall.

I am interested in the ASA 5510 with six interfaces.

Using the ASA 5510 is it possible to set up two (2) internet connections, one via the Frame Relay and a second internet connection via an ADSL connection?

Then, is it possible to direct the outward-bound traffic via specific gateways based upon either:

(a) the type of traffic, say HTTP from users behind the firewall; or

(b) the IP addresses of the host (i.e. users' PC versus the servers)

Any assistance is welcome.

Kind regards, Adrian

2 REPLIES

Re: multplie gateways- one for HTTP traffic

Hi,

I use PBR in my router to force specific traffic via a specific interface.

The firewall does a PAT and these PAT ip address are diffrent for both the providers.

say HTTP traffic is patted to 1.1.1.1 and other traffic is patted to 2.2.2.2

I use policy on my edge router to make the decisions

route-map ADSL permit 10

match ip address 101

set ip next-hop

access-list 101 permit host 1.1.1.1 any

ip route 0.0.0.0 0.0.0.0

HTH

Narayan

New Member

Re: multplie gateways- one for HTTP traffic

Hi Narayan,

Thanks for the reply. It seems possibel then to send my outgoing HTTP traffic generated by users to another gateway.

The ASA 5510 uses a graphical interface (not sure if there is a CLI for that device), so do you know if it is still possible?

Kind regards,

IT@C

199
Views
0
Helpful
2
Replies
CreatePlease login to create content