Additional Dedicated WAN for Server on ASA

A client of mine has purchased a 2nd DSL service to be dedicated for a single server due to bandwidth considerations.

Both DSLs are to be hooked up to an ASA firewall on separate interfaces.

They want to map all inbound and outbound traffic for a specific server on the internal LAN to the 2nd DSL and leave all primary surf traffic on the 1st DSL.

Realizing that ASA doesn't support PBR, is there anyway we can make this work without buying an additional firewall/router?
LVL 1
PerimeterITAsked:
Who is Participating?
 
rauenpcConnect With a Mentor Commented:
You could configure multiple contexts to handle this. It would be a bit messy to make all traffic be capable to use both contexts, but if the secondary context is dedicated to the single server it wouldnt be so bad. The server will probably need two interfaces, one with a default route for the internet, and the other with a static route(s) for the inside networks. I believe asa5510 with sec plus and higher come with 2 context licenses by default.
0
 
PerimeterITAuthor Commented:
5 contexts in this case, and there is not need for it to access the inside network.

How would I configure?
0
 
rauenpcCommented:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml

http://www.cisco.com/en/US/docs/security/asa/asa90/configuration/guide/ha_contexts.html

Aside from straight configuration, read up on the limits when using multiple contexts. Depending on the code version you're running, there will be different limitations. The biggest limit is client vpn.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.