Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

[ISA570] Possible to ad a 0.0.0.0 route with a different metric ?

Hi

I just would like to know if it is possible to add a second 0.0.0.0 route with a superior metric in order to make internet avalaible from another gateway when the ISA570's WAN is down or inoperate ?

In my case, I have several Subsites, and computers have the local ISA570 on gateway, to take internet on local ADSL (via a local ISA's WAN).

But they can have Internet via another gateway, the one used to link subsites eachother (in that case, Internet is given by the ISA on the main site).

So, It could be very cool to configure a second route just in case the Local ADSL is down. In that case the ISA could route packets on my main site via the second 0.0.0.0 default route.

Possible ?

Thanks

Kevin

5 REPLIES

[ISA570] Possible to ad a 0.0.0.0 route with a different metric

You can't add additional default routes to the ISA.  That said, what you could do, as a possible workaround, is enable dual WAN on the ISA, plug WAN2 on the ISA into an open interface on your WAN router, assign that WAN Router interface a different subnet and apply an IP from that subnet to the WAN Router and ISA WAN2, update your routing tables on both sides of the WAN (if you're not using dynamic routing), and then enable failover on the ISA from WAN1 to WAN2.  One downside with this is that you would have double NAT'ing when running over the ISA WAN2 as your traffic would be NAT'd going through the local ISA and then NAT'd again by the ISA at the main site.

If your WAN router supports it, you could also look at VRRP but that would only take affect if the ISA itself went offline.

We're looking at doing something similar with one of our clients, but we're looking at leveraging GRE over IPSec using the WAN routers, which are Cisco 1841s, with a goal of full redundancy for not only the internet to fail back and forth between local and remote connections, but also to failover traffic between the dedicated connection and a VPN.  We've done a number of the GRE over IPSec with great success.  What we haven't done yet is to try to leverage GRE over IPSec with local traffic going over the dedicated connection and internet traffic via a local connection, and then failover each accordingly if one or the other drops.

Shawn Eftink
CCNA/CCDA

Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
Community Member

[ISA570] Possible to ad a 0.0.0.0 route with a different metric

Hi

Thanks for your answer.

I can't change my router MPLS routeur (it a provider one).

In the future, it will be possible to add a default route ?

Re: [ISA570] Possible to ad a 0.0.0.0 route with a different met

Kevin,
I wouldn't expect that to be added functionality mostly due to the fact that the ISA is set to go EoL in just over a year. As such, I don't expect many, if any, features to be added. Probably just stability patches. Perhaps someone from Cisco can comment on this one as well.

Sent from Cisco Technical Support iPhone App

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
Community Member

Re: [ISA570] Possible to ad a 0.0.0.0 route with a different met

Sorry but what does it mean "EoL" ?

The ISA5xx is not a newest product, released at the end of 2012 ?

Re: [ISA570] Possible to ad a 0.0.0.0 route with a different met

EoL and EoS are commonly utilized terms.  EoS is End-of-Sale meaning the last day Cisco will sell a particular product.  EoL is End-of-Life meaning the day that Cisco announces that they will be discontinuing a product or product line.  On August 15th, Cisco announced EoL for the ISA500 series appliances.  End-of-Sale will be November 14th, 2013.  Last Software maintenance and End of Phone Support will be November 14th, 2014.  Last day of support will be November 30th, 2016.  Please see the link below for more information.

http://www.cisco.com/en/US/products/ps11752/prod_eol_notices_list.html

I agree that this is a new product that was recently released, but the decision by Cisco, sadly enough, has already been made.

Shawn Eftink
CCNA/CCDA

Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.

Shawn Eftink CCNA/CCDA Please rate all helpful posts and mark correct answers to assist others searching for solutions in the community.
521
Views
0
Helpful
5
Replies
CreatePlease to create content