[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Can a pix 501 split traffic between 2 routers

Posted on 2010-03-25
4
Medium Priority
?
373 Views
Last Modified: 2012-05-09
currently the line speed is about 1.6 mb and the mail is hosted internally lotus notesserver. we will be using an external hosting company and once we move our mail to the hosting company using microsft exchange the existing line may not be adiquate so may need another line.
the routers will be provided by the ISP.

can I split the traffic so all traffic except mail will route from the pix via router A to the internet or the hosting company and all smtp traffic will route from the pix via router B to the hosting companys mail server

secondly if a pix or asa can do this will it also support QOS and actually load balance the traffic so both mail and other traffic can go down both lines ??

can upgrade to asa if this works

0
Comment
Question by:ian_riley1
  • 2
  • 2
4 Comments
 
LVL 13

Expert Comment

by:GuruChiu
ID: 28547149
You can split the mail traffic using either Pix or ASA, if it have more than 2 interfaces. Lets say we name the interfaces as follow: inside, outside and int2.

Inside connect to your internal network.
Outside connect to your ISP 1 for internet traffic except mail. It will have an IP address provided by ISP1.
Int2 connect to your ISP 2 dedicated for mail traffic only. It will have an IP address provided by ISP2.

Add a route to mail server through ISP2 router.
Have a default router through ISP1 router.

If you use this method, there is no load sharing (balancing). ISP2 will be for mail traffic only.

The ASA also have a feature to load sharing between up to 3 ISP. However in this case, you cannot dictate all the mail traffic will go thorugh 1 particular ISP.  Just create multiple 'global (intf-name) 1 interface' for each ISP connection and a route 0.0.0.0 for each.  Be cautious that it load balances 'per session' correctly in order to maintain client sessions cleanly out all the interfaces.
0
 

Author Comment

by:ian_riley1
ID: 28560827
so to clarify

at least a pix 515e or asa 5510 to get the additional port

and the 5510 would give load balancing across the 2 external ports

and what is the downside of the per session load balanceing

0
 
LVL 13

Accepted Solution

by:
GuruChiu earned 2000 total points
ID: 28577080
Let me clarify

Option 1 - use two interfaces for ISP connection, one for each ISP. Configure global for each interface for the corresponding ISP. Setup routing to route traffic to mail server through one of the ISP. No load  balancing.

Option 2 - use ASA. Use 1 interface for ISP connection. Configure global and route to go to two ISP. ASA will try to balance the load. If you notice I refer to load sharing. As a nature of per session load sharing, the same session will always go to one of the ISP. If that session uses 99% of the bandwidth, it will still go to the same ISP instead of go through two ISP.
0
 

Author Closing Comment

by:ian_riley1
ID: 31706997
Thank you i understand now.
0

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Although free tools can be helpful to a limited extent, it’s better to stick to paid versions for business use.
The onset of year 2018 has been a usual business for IT teams still struggling to find their way out in terms of strengthening their cloud security.
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Get the source code for a fully functional Access application shell with several popular security features that Access VBA application developers desire, but find difficult or impossible to figure out how to code. You get the source code for managi…

612 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question