Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: ASA5510-ADDING A SECOND INTERFACE TO ACCESS INTERNET

ASA5510-ADDING A SECOND INTERFACE TO ACCESS INTERNET 7 years 11 months ago #27809

  • mattf-123
  • mattf-123's Avatar
  • Offline
  • New Member
  • Posts: 1
  • Karma: 0
I realize this may be an easy one, but any help would be appreciated.

Current Config:

INTERNET Provder1---CISCO 1700 ROUTER----ASA5510----Catalyst2900----clients

We are considering a secondary internet provider that is offering a trial to see how our needs react to their speeds provided. Trying to transition from 768 dedicated to Comcast business. Not sure how good Comcast is. Anyway, I'd like to add a secondary interface to the ASA and force all of my traffic through it. I have no issues with editing the security policies or even adding a second interface.
Just have not been able to get clients up on the new internet service.

Desired Config:
Internet Provider1Cisco1700 & Provider2SMC8014 ---- ASA5510 --- Catalyst2900
clients

I'm pretty sure the error lies in my routes, but am not certain.
Is what I am attempting possible?
The administrator has disabled public write access.

Re: ASA5510-ADDING A SECOND INTERFACE TO ACCESS INTERNET 7 years 11 months ago #27821

  • ZiPPy
  • ZiPPy's Avatar
  • Offline
  • Expert Member
  • Posts: 500
  • Karma: 0
Is your intention to have both ISPs connected to the ASA5510, but only allow for one of them to be active? That way if your not satisfied or run into issues, you can simply switch over?

I haven't worked with the ASA5510, only the 5505, but I noticed that the 5510 has an extra slot. So, adding the second interface is possible as I'm sure you already know.

Now that I think about it and looking at your diagram you would need two interfaces on both units, the 1700 and the ASA. Each WIC-1DSU-T1 would be configured with there corresponding ISPs on the 1700. From the 1700 is where you would make the connection live to the ASA5510, with of course the second interface installed on the ASA.

I might be making this more complicated than necessary, sorry :?

What do you guys think? We need the ASA experts to jump in on this one. PIX guys too! 8)


ZiPPy
ZiPPy
The administrator has disabled public write access.

Re: ASA5510-ADDING A SECOND INTERFACE TO ACCESS INTERNET 7 years 11 months ago #27824

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Posts: 1577
  • Thank you received: 7
  • Karma: 3
Desired Config:
Internet Provider1Cisco1700 & Provider2SMC8014 ---- ASA5510 --- Catalyst2900
clients

Not sure I get your desired config here. Do you want to connect the new interface of the ASA directly to the second provider? or do you want to connect it to the Cisco 1700 and then connect that to the second provider using another interface on the 1700?

A dump of your current configs for both the ASA and the 1700 can also help us help you. (you can mask out private info).
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
The administrator has disabled public write access.
Time to create page: 0.077 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup