[Webinar] Streamline your web hosting managementRegister Today


Additional Dedicated WAN for Server on ASA

Posted on 2013-01-25
Medium Priority
Last Modified: 2013-01-25
A client of mine has purchased a 2nd DSL service to be dedicated for a single server due to bandwidth considerations.

Both DSLs are to be hooked up to an ASA firewall on separate interfaces.

They want to map all inbound and outbound traffic for a specific server on the internal LAN to the 2nd DSL and leave all primary surf traffic on the 1st DSL.

Realizing that ASA doesn't support PBR, is there anyway we can make this work without buying an additional firewall/router?
Question by:PerimeterIT
  • 2
  • 2
LVL 20

Accepted Solution

rauenpc earned 2000 total points
ID: 38821281
You could configure multiple contexts to handle this. It would be a bit messy to make all traffic be capable to use both contexts, but if the secondary context is dedicated to the single server it wouldnt be so bad. The server will probably need two interfaces, one with a default route for the internet, and the other with a static route(s) for the inside networks. I believe asa5510 with sec plus and higher come with 2 context licenses by default.

Author Comment

ID: 38821291
5 contexts in this case, and there is not need for it to access the inside network.

How would I configure?
LVL 20

Expert Comment

ID: 38821352


Aside from straight configuration, read up on the limits when using multiple contexts. Depending on the code version you're running, there will be different limitations. The biggest limit is client vpn.

Featured Post

KuppingerCole Reviews AlgoSec in Executive Report

Leading analyst firm, KuppingerCole reviews AlgoSec's Security Policy Management Solution, and the security challenges faced by companies today in their Executive View report.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

590 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question