Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17


Additional Dedicated WAN for Server on ASA

Posted on 2013-01-25
Medium Priority
Last Modified: 2013-01-25
A client of mine has purchased a 2nd DSL service to be dedicated for a single server due to bandwidth considerations.

Both DSLs are to be hooked up to an ASA firewall on separate interfaces.

They want to map all inbound and outbound traffic for a specific server on the internal LAN to the 2nd DSL and leave all primary surf traffic on the 1st DSL.

Realizing that ASA doesn't support PBR, is there anyway we can make this work without buying an additional firewall/router?
Question by:PerimeterIT
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 20

Accepted Solution

rauenpc earned 2000 total points
ID: 38821281
You could configure multiple contexts to handle this. It would be a bit messy to make all traffic be capable to use both contexts, but if the secondary context is dedicated to the single server it wouldnt be so bad. The server will probably need two interfaces, one with a default route for the internet, and the other with a static route(s) for the inside networks. I believe asa5510 with sec plus and higher come with 2 context licenses by default.

Author Comment

ID: 38821291
5 contexts in this case, and there is not need for it to access the inside network.

How would I configure?
LVL 20

Expert Comment

ID: 38821352

Aside from straight configuration, read up on the limits when using multiple contexts. Depending on the code version you're running, there will be different limitations. The biggest limit is client vpn.

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We've been using the Cisco/Linksys RV042 for years as: - an internet Gateway - a site-to-site VPN device - a leased line site-to-site subnet-to-subnet interface (And, here I'm assuming that any RV0xx behaves the same way as an RV042.  So that's …
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question