
New Member

Routing traffic to multiple gateways

Looking for configuration suggestions for this setup. Say you have one ASA 5520 that your company uses as its default gateway for internal clients. Say you get a second test ASA 5505 to test certain features, etc. You want to use the second "test" ASA as the default gateway (to the internet) for a single particular vlan inside your network, although this vlan still needs to be able to access internal resources. The only difference will be that it uses the "test ASA" as its default-gateway. Could this be done with an access list and route-map by specifying the internal (inside) address of the test ASA as the set next-hop? We already have the basic ip connectivity from the vlan to the "test ASA's" internal interface. We just need some direction on the routing portion. The internal vlan subnet you use for the ACL would direct external traffic to the test ASA? Does this sound right?

Thanks,

Brandon

7 REPLIES
Hall of Fame Super Silver

Re: Routing traffic to multiple gateways

Brandon

The access list and route map that you mention are what constitute Policy Based Routing. And I believe that PBR is a good solution for what you describe.

In the route map you probably do not want to do set next hop, since that would send all traffic to the ASA. You want to do set default next-hop which only changes traffic when it is being routed to the default gateway.

HTH

Rick

New Member

Re: Routing traffic to multiple gateways

Hi Rick,

I am glad you mentioned what you did about using the "default next-hop" instead of the "set next hop". I am assuming I would apply the policy for the route-map under the vlan interface of the vlan I want to use "test asa" as the default-gateway, and the route-map, in addition to the "set default next-hop", would reference a simple standard ACL for the subnet of the vlan... does this sound accurate?

This is the link I had been reviewing, very helpful BTW.

http://www.cisco.com/en/US/tech/tk364/technologies_configuration_example09186a00801f3b54.shtml

I really appreciate your response. Maybe finally after reading Jeff Doyle's books (several times) things are starting to sink in. ;-)

Thanks,

Brandon

Hall of Fame Super Silver

Re: Routing traffic to multiple gateways

Brandon

Yes, you put the ip policy route-map command on the VLAN interface where the traffic enters the router that you want to send to the test ASA. And it would be logical for it to use a standard access list in the match statement to identify the traffic coming from the PCs in that VLAN.

That link looks like a pretty good one. I am glad that you found it.

HTH

Rick
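
Added example, not part of the original thread and not posted by either participant: an IOS policy-based routing configuration of the kind discussed above, with the `set ip next-hop` versus `set ip default next-hop` difference noted in comments. The VLAN number, subnets, ACL number, route-map name and ASA inside address are constructed placeholders.

```cisco
! Constructed values (assumptions, not from the thread):
!   VLAN 50 client subnet:      192.168.50.0/24
!   test ASA inside interface:  10.0.99.2, on a subnet directly
!                               connected to this router
!
! Standard ACL: match traffic sourced from the VLAN 50 client subnet
access-list 10 permit 192.168.50.0 0.0.0.255
!
route-map TEST-ASA permit 10
 match ip address 10
 ! "set ip next-hop 10.0.99.2" here would forward ALL matched traffic
 ! to the test ASA, including traffic destined for internal subnets.
 ! "set ip default next-hop" is used only when the routing table has no
 ! explicit route for the destination, so internal destinations keep
 ! following the normal routes and only traffic that would have used
 ! the default route is sent to the test ASA.
 set ip default next-hop 10.0.99.2
!
! Apply the policy on the interface where VLAN 50 traffic enters the router
interface Vlan50
 ip address 192.168.50.1 255.255.255.0
 ip policy route-map TEST-ASA
!
! Verification:
!   show route-map TEST-ASA   (match counters for policy-routed packets)
!   show ip policy            (interfaces with a route-map applied)
```

Traffic policy-routed this way leaves through the test ASA, so that device's filtering, NAT and logging apply to the VLAN instead of the production ASA's.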

New Member

Re: Routing traffic to multiple gateways

Rick,

As always, thanks again! I'll test this out today and let you know how it goes, then post this as a resolution.

Thanks,

Brandon

New Member

Re: Routing traffic to multiple gateways

Hi Rick,

Please glance over this config and see if this is what you had in mind.

Thanks,

Brandon

Hall of Fame Super Silver

Re: Routing traffic to multiple gateways

Brandon

It looks good to me.

HTH

Rick

New Member

Re: Routing traffic to multiple gateways

Hi Rick,

The solution worked perfectly as designed. I noted the resolution.

Thanks!

Brandon
