11-14-2006 11:25 AM
Hello. Is it possible on an ASA5520 to utilize X2 WAN links to the internet, both T1 lines with different ISP?s; one for SMTP and one for VPN. Both interfaces are NAT?d and have connectivity. E0 is primary and has default route with a metric of 1 and E1 has a default route with a metric of 5. E0 is SMTP and E1 is for IPSEC. If I change the route metrics around the VPN works great, however the lower metric route has to be E0.
Is there some way to accomplish what I want to? As a work around I used a 506E for the SMTP but I?d rather use a single ASA. I suspect that this is a routing issue but I?m not sure if it?s possible to define routes on VPN tunnels on the same device.
Sincerely
11-15-2006 02:46 AM
What if you add a specific route to the ip address of the remote VPN peer to be routed to the same address as the default route of the E1 interface.
11-16-2006 08:41 PM
I tried that, but it didn't make any diff. I think the issue is when Phase 1 takes place it's routing out the default oute.
12-27-2010 04:05 AM
hi all,
i am also having the same scanrio,
is anybody got solution for this ?
thanks
cyril
12-27-2010 04:53 AM
Hi,
Unfortunately, such load balancing isn't possible on the ASA. At any point of time, we can have ony one default route active on it.
Cheers,
Prapanch
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide