Solved

Cisco ASA adding another interface

Posted on 2014-09-22
7
247 Views
Last Modified: 2014-09-30
Hi Guys

I have two ISPS that come into the building and I have a Cisco ASA 5510 with two spare interfaces. One of those interfaces is connected to one of my ISPS, can i setup one of the other interfaces to use the new ISP?

And do I have to make sure the new ISP router is in bridged mode?

Thanks a million
0
Comment
Question by:jonathanduane2010
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
7 Comments
 
LVL 20

Expert Comment

by:netcmh
ID: 40336359
Yes, you can. Here's an article walking you through the process: http://itcurry4all.blogspot.com/2013/04/cisco-asa-5510-with-dual-isp-redundancy.html

This method would help you fail over to your secondary ISP if primary ISP interface physically goes down .

Another scenario, load balancing: http://www.shanekillen.com/2013/08/cisco-asa-load-balancing-with-dual-isp.html
0
 

Author Comment

by:jonathanduane2010
ID: 40336724
OK,

I have it plugged into eth3 on asa 5510 and trying add it through the GUI and here is a screenshot of the ip address i am trying to add along with the subnet and i have also attached an image of the error message i am getting
newip.png
cisco-error.png
0
 
LVL 20

Expert Comment

by:netcmh
ID: 40336764
the 255.255.255.255 is for a host. What you need is the subnet mask for the gateway of the 2 host network that your ISP segregates it's and your internet connection routers (usually a /28).
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 57

Expert Comment

by:Pete Long
ID: 40340214
MAke sure you have a sec plus licence! (show version)

See Cisco ASA/PIX 8.x: Redundant or Backup ISP Links

PL
0
 

Author Comment

by:jonathanduane2010
ID: 40341325
So that means that the subnet mask is 240?

I have tried that and I am getting "ip address not valid" ?
0
 
LVL 20

Accepted Solution

by:
netcmh earned 500 total points
ID: 40341606
That was just a suggestion. What is the actual subnet your ISPs have handed you?
0
 
LVL 20

Expert Comment

by:netcmh
ID: 40351996
Thanks for the grade. Good luck.
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question