Solved

Additional Dedicated WAN for Server on ASA

Posted on 2013-01-25
4
374 Views
Last Modified: 2013-01-25
A client of mine has purchased a 2nd DSL service to be dedicated for a single server due to bandwidth considerations.

Both DSLs are to be hooked up to an ASA firewall on separate interfaces.

They want to map all inbound and outbound traffic for a specific server on the internal LAN to the 2nd DSL and leave all primary surf traffic on the 1st DSL.

Realizing that ASA doesn't support PBR, is there anyway we can make this work without buying an additional firewall/router?
0
Comment
Question by:PerimeterIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 20

Accepted Solution

by:
rauenpc earned 500 total points
ID: 38821281
You could configure multiple contexts to handle this. It would be a bit messy to make all traffic be capable to use both contexts, but if the secondary context is dedicated to the single server it wouldnt be so bad. The server will probably need two interfaces, one with a default route for the internet, and the other with a static route(s) for the inside networks. I believe asa5510 with sec plus and higher come with 2 context licenses by default.
0
 
LVL 1

Author Comment

by:PerimeterIT
ID: 38821291
5 contexts in this case, and there is not need for it to access the inside network.

How would I configure?
0
 
LVL 1

Author Comment

by:PerimeterIT
ID: 38821349
0
 
LVL 20

Expert Comment

by:rauenpc
ID: 38821352
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml

http://www.cisco.com/en/US/docs/security/asa/asa90/configuration/guide/ha_contexts.html

Aside from straight configuration, read up on the limits when using multiple contexts. Depending on the code version you're running, there will be different limitations. The biggest limit is client vpn.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco WRVS4400N 11 71
VPN Server config in Modem 5 89
Router question 6 537
Extended ping 6 54
Optimal Xbox 360 connectivity requires "OPEN NAT". If you use Juniper Netscreen or SSG firewall products in a home setting, the following steps will allow you get rid of the dreaded warning screen below and achieve the best online gaming environment…
Hello , This is a short article on how would you go about enabling traceoptions on a Juniper router . Traceoptions are similar to Cisco debug commands but these traceoptions are implemented in Juniper networks router . The following demonstr…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question