Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Configure a pair of cisco ASA with 2 ISPs ?

Posted on 2009-04-14
5
Medium Priority
?
532 Views
Last Modified: 2012-05-06
Hi Experts,

I have a pair of ASA 5520 and I'd like to configure it as failover with my 2 ISPs. We have purchased a subnet from each ISP (they are 64.x.x.x/30 and 11.x.x.x/30). My question is how do I configure 2 x ASAs with 2 difference ISPs for failover ? Thanks a lot.

Note: the pair of router will do all the NAT and routing parts.



pic.GIF
0
Comment
Question by:SJCA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 6

Expert Comment

by:cosmicfox
ID: 24141529
When you run a failover setup on a ASA they share there configuration between the two devices. So from what i can see is you would need to have each ISP plugged into each ASA. then you will have to do a IP SLA also known as track feature.
0
 
LVL 1

Author Comment

by:SJCA
ID: 24143424
Correct, i will need to plug each ISP to each ASA. I have done active/standby for 2xASA before but it was done within the same subnet. Since this is difference subnet from difference ISPs, will that possible for ASA ? what should I be aware of ?
0
 
LVL 6

Accepted Solution

by:
cosmicfox earned 2000 total points
ID: 24144198
You will need to use the route track feature, the link is below on a setup. I would suggest you setup this in a test lab, Download GNS3 and use the Pix emulator and set this up to test.

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml#diag
0
 
LVL 1

Author Comment

by:SJCA
ID: 24149134
I have both physical hardware (which belong to my company) and GNS3 with me.

For GNS3, I have setup the 2 x PIX working as active/standby redundancy but within the same subnet only. For my situation, I'm not sure if they will work with 2 difference subnets, plus I have not seen any tutorials about this, maybe it's impossible to do !? ( i may wrong on this)

I'm digging more in route track feature to see how it works. By the way, I think the link you provided that just for 1 PIX/ASA with 2 ISPs.
0
 
LVL 6

Expert Comment

by:cosmicfox
ID: 24149625
Yes the guide only shows the track feature, you will need to setup this in order to have two connections. Putting a failover unit will not change much with this feature. It will give you device redundancy
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question