Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Need router dual Wan in front of ASA

I need to route based on the policy rules. ASA doesnt seem to do that, I want the business traffic on one WAN and the Internet and VOIP on the 2nd WAN. I was thinking the 1811 will do this. I already have an ASA working but cant route. Any suggestions?

11 REPLIES
Hall of Fame Super Gold

Re: Need router dual Wan in front of ASA

Get the router.

When configured properly, you will find that you don't even need the asa anymore.

Re: Need router dual Wan in front of ASA

Mark,

ASA can't do that.

You can use cisco 1811 router to do that. Just create ACLs to classify traffic you want to redirect to each WAN link. If they are internet links please pay special attention to NAT.

HTH,

Toshi

New Member

Re: Need router dual Wan in front of ASA

I knew ASA couldnt do this, is the 1811 the right model? Sounds like it has the 2 WANS. Why wouldnt I need the ASA any more?

Re: Need router dual Wan in front of ASA

Mark,

You still need ASA for doing firewall jobs. Cisco 1811 router supports PBR. However it depends on how much traffic you are going to send them out of 2 Wan links. PBR is done on the process switch. You may check by using a "sh process cpu history" command when running this feature on. I used to configure Cisco 1721 router(2 internet links) for my customer with this features. It's fine. Like I mentioned, It depends. (grin)

HTH,

Toshi

New Member

Re: Need router dual Wan in front of ASA

Thank you very much for your help. I hate ordering the wrong stuff! :)

Re: Need router dual Wan in front of ASA

Mark,

I'm not sure that why you choose Cisco 1811 router. In case you want to add any WIC/HWIC for Wan interfaces. You may think about Cisco 1841 router. It has 2 WAN slots for you guys. (grin)

Edit: You need IOS feature set, IP services or higer for doing PBR on Cisco 1811 router(If you want to).

Note: I'm sleepy head now(4 Am). You may check things yourself. http://www.cisco.com/go/fn

HTH,

Toshi

New Member

Re: Need router dual Wan in front of ASA

I went to the comparison on the 1800 series and the 1811 was the 1st one that had 2 WANS. Why would the 1841 be better?

Hall of Fame Super Gold

Re: Need router dual Wan in front of ASA

becase the router does a very good firewall also.

Hall of Fame Super Gold

Re: Need router dual Wan in front of ASA

Thank you very much for your help. I hate ordering the wrong stuff!

That's what e-bay is for. He he he ...

Super Bronze

Re: Need router dual Wan in front of ASA

BTW, how were you planning to control return traffic to WAN link?

Unless you control both directions with QoS, VoIP with any other traffic might degrade VoIP.

If you can provide QoS in both directions, unclear the advantage of placing traffic on dedicated links with PBR. Also, with PBR, gets a bit more complex assuming you want both links to "backstop" each other.

New Member

Re: Need router dual Wan in front of ASA

We have one internet connect we use for VPN to our other locations. Some of the locations are running RDP with the servers here.

The 2nd connection is supposed to be for the internet for the local office (here) just for uploading and downloading etc.

That is what started all of this. So I am hoping to route the http and ftp traffic on the one line, and the rest of it on the other line.

330
Views
0
Helpful
11
Replies