Solved

Router for 2 lans into one DSL line with second DSL line as backup

Posted on 2014-03-25
9
384 Views
Last Modified: 2014-03-30
I have an ASA-5505 at my disposal but a very rudimentary ability to make it do what I need, and this is over my head.

i have a higher speed DSL line and a lower speed fractional T1 line. Both are "modemed" to be ethernet connections.

I also have 2 lans, one on a 10.x.x.x segment that is important and needs protection and one on a 192 .x.x.x. segment that is for a more open WiFi and PC network. These two should NEVER see each other.

I would like both to use the higher speed DSL connection until it fails then move to the lower speed one as a backup.

Many devices on the 10.x.x. segment are simple widgets and do not recognize a VLAN so I have to keep these networks physically separate.

Will the ASA-5505 do what I want and can anyone here help me with config? I am hoping to take a stab at this Friday morning.
0
Comment
Question by:Salad-Dodger
  • 5
  • 3
9 Comments
 
LVL 13

Accepted Solution

by:
Norm Dickinson earned 500 total points
ID: 39954938
The easiest way to set this up is to add a dual-wan router and feed the LAN side of it into the Cisco ASA-5505, right where the web is going now. I just installed a very inexpensive TL-R470T model by TP-Link that has one dedicated WAN, one dedicated LAN, and three additional ports that can be configured as either WAN or LAN in any combination, allowing up to four different ISP WAN connections if I choose. It can be set up to pool speed (additive) or to failover and has a lot of additional features. It's pretty easy to set up. I've worked with the ASA-5505 models on a few occasions and they are pretty particular in how you set them up - and fairly unforgiving if you are not familiar enough with them, but capable of the task if you prefer to go it that way. If you decide to go with an inexpensive multi-wan router, buy two and set them both up the same way, so that if one does fail, you can simply plug the other one in with a minimum of downtime. (There are higher quality devices out there that perform this function as well.)
0
 
LVL 1

Author Comment

by:Salad-Dodger
ID: 39954978
Thank you for the reply - I just looked at that device on the web, the feature that is missing is the isolation between lans. I would need it to have to different gateways exposed to each lan. I understand how the cisco could continue to provide that feature, but my first choice would be to reconfigure the cisco (or replace it completely) so I don't wind up with a daisy chain of devices.
But that is a neat device, I will keep it in mind.
0
 
LVL 13

Expert Comment

by:Norm Dickinson
ID: 39955040
I can provide a couple of manuals for the ASA-5505 device if that helps. See attached.
Cisco-ASA-5500-Series-Adaptive-S.pdf
Cisco-ASA-5505-Installation-Guid.pdf
0
 
LVL 1

Author Comment

by:Salad-Dodger
ID: 39955043
Thank you again. I ordered the device you recommended, it was really inexpensive, and it might get me some speed until I can figure out the ASA.  

But the ASA remains the goal.  :)

I gotta get support from cisco on this thing so I can update the firmware. Forgot about that...
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 11

Expert Comment

by:marek1712
ID: 39956246
Assign security level to the VLAN interfaces (yes, make separate VLANs for these two LANs).
In the global config mode you'll be able to issue:
same-security-traffic permit inter-interface
Which speaks for itself.
For the failover link:
Check THIS post.
0
 
LVL 1

Author Comment

by:Salad-Dodger
ID: 39956332
I haven't done this config in several years when this was first installed, even then I had a lot of help from someone here who did essentially ALL the config. I just typed it in. While I understood what I was typing at the time, that knowledge has been purged from the brain so I'll have to figure this out all over again.
I will grab the box this evening and post the running config and my attempts to translate the post you referenced and your command.
0
 
LVL 1

Author Comment

by:Salad-Dodger
ID: 39960306
Can't get into this one, PW not what was written on it. I  will need to start from scratch after I reset it ... No way I can pull this off now. Help?
0
 
LVL 13

Expert Comment

by:Norm Dickinson
ID: 39960539
Dual WAN router anyone?
0
 
LVL 1

Author Closing Comment

by:Salad-Dodger
ID: 39965672
Your solution worked well enough to give me time to figure out the ASA. And it was really simple to implement. Thank you for that suggestion.
I still want to make the ASA do this job, but mostly for my own education so I'll start another question. I have to wipe the ASA and get the firmware current first. Once thats done, I'll be back.
Thank again.
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

If you are thinking of adopting cloud services, or just curious as to what ‘the cloud’ can offer then the leader according to Gartner for Infrastructure as a Service (IaaS) is Amazon Web Services (AWS).  When I started using AWS I was completely new…
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

706 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now