Cisco ASA 5510 Dual ISP Active Standy

rm250motox used Ask the Experts™
I am tasked with configuring two Cisco ASA 5510's as active\standby devices. That task seems relatively straight forward. The question I have is how to split the two ISP's between both devices. I'm thinking that this can be done somehow with a switch between the ISP's and the ASA's, although not sure how. I have an HP procurve 3500yl that I can use for this if its possible. Any suggestions would be greatly appreciated.
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Configure BGP on ASA will help you out where to share the routes between both of the ASA i suggest you to use IBGP (Routing).
A clustered ASA 5510 can do active/passive failover with state between the two ASAs

The dual ISP capability on the ASA 5500 series is for connection failover not connection loadbalancing.

I would create a VLAN for each ISP on the switch and then present each ISP connection to each switch, wither on a hardware port, or on a VLAN sub interface. Both ISp connection will then be connected to both ASAs at the same time, but only the active ASA in the cluster will pass traffic.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial