Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Multihome BGP - ASA doing NAT, how to route ASA?

We have a Cisco ASA failover pair doing NAT. External to that we have a switch that connects to our two external internet routers. We are in the process of implementing BGP with our ISPs between the two routers. We have been assigned a Class C by each ISP for BGP routing. Both internal interfaces on the routers have external IPs--so I can't run HSRP?? What gateway would I point the Cisco ASA to?? I'm confused at how I should handle the IP addressing/routing from the ASA to the switch to the routers...

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Multihome BGP - ASA doing NAT, how to route ASA?

We have the same setup. This can be done very easly. You need to run an IGP between the router and the ASA. We are using OSPF with default-information originate on both routers. Then set the metic on the router you want to use as your backup ISP. For NATing please look at the link below.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

5 REPLIES

Re: Multihome BGP - ASA doing NAT, how to route ASA?

You need to have your own address space for this to exactly work

Have a look at devices like radware linkproof which can dynamically change the NAT based on the availability of links and even loadbalance between different ISPs

http://www.radware.com/Products/ApplicationDelivery/LinkProof/default.aspx

Just before your post i saw a post from Paolo about EEM support on the routers.

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6555/ps6815/config_guide_eem_configuration_for_cisco_integrated_services_router_platforms.html

HTH

Narayan

New Member

Re: Multihome BGP - ASA doing NAT, how to route ASA?

There is no way to get this to work with 2 class Cs? One from each provider?

New Member

Re: Multihome BGP - ASA doing NAT, how to route ASA?

Can I use just one class C from one of the providers? The other is willing to peer that Class C.

New Member

Re: Multihome BGP - ASA doing NAT, how to route ASA?

BGP routing is not supported on Cisco ASA appliances. I'm not sure how are you going to peer with your ISP. You need a router.

serg

New Member

Re: Multihome BGP - ASA doing NAT, how to route ASA?

We have the same setup. This can be done very easly. You need to run an IGP between the router and the ASA. We are using OSPF with default-information originate on both routers. Then set the metic on the router you want to use as your backup ISP. For NATing please look at the link below.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

434
Views
0
Helpful
5
Replies