Solved

redundancy on cisco asa

Posted on 2014-01-28
7
289 Views
Last Modified: 2014-02-14
Hi Guys,

I have two ISPs and I was wondering could i use an interface for each ISP and set one to primary and set one to secondary??

So, if the primary went down traffic could go out on the 2nd one?
0
Comment
Question by:jonathanduane2010
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
7 Comments
 
LVL 12

Expert Comment

by:Infamus
ID: 39814830
add two different default route.

For example, if ISP1 10.1.1.1 and ISP2 172.20.1.1

ip route 0.0.0.0 0.0.0.0 10.1.1.1
ip route 0.0.0.0 0.0.0.0 172.20.1.1 10

you can also use object tracking....
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39814871
Are you using this for outbound traffic only?

Or are you hosting services that require inbound access?
0
 

Author Comment

by:jonathanduane2010
ID: 39814903
no, it would be for emergencies only really, so outbound traffic would be all we need....
0
Don't miss ATEN at NAB Show April 24-27!

Visit ATEN at NAB Show to learn how our "Seamlessly Entertaining" solutions deliver fast, precise video streaming without delays for the broadcasting and media environment. ATEN will showcase its 16x16 Modular Matrix Switch (VM1600) and KVM Over IP Solution (KE6900 series).

 
LVL 57

Accepted Solution

by:
giltjr earned 460 total points
ID: 39814939
Then using object tracking with SLA and changing the default route.

Replace 1.1.1.1 with the IP address of ISP#1 router and 2.2.2.2 with the IP address of ISP#2's router.


route outside 0.0.0.0 0.0.0.0 1.1.1.1 1 track 1
route backup 0.0.0.0 0.0.0.0 2.2.2.2 254

sla monitor 1
type echo protocol ipIcmpEcho 1.1.1.1 interface outside
num-packets 3
frequency 10

sla monitor schedule 1 life forever start-time now

track 1 rt 1 reachability

Ref:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml
0
 

Author Comment

by:jonathanduane2010
ID: 39815029
great thank you!

I am using the ASDM launcher, can i input these commands through the CLI ?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39815122
Yes or you can scroll down some on the above link, I'm fairly sure that it shows how to do it via the ASDM.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 39815430
Don't forget you will need a sec plus licence!
Cisco ASA/PIX 8.x: Redundant or Backup ISP




Pete
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco tacacs question 6 33
How to change subnet mask for Fortigate WAN interface 2 39
WDS can't PXE boot 3 37
Outlook PST (cloud) backup 3 30
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question