Announcement

Collapse
No announcement yet.

Dual ISP failover Cisco ASA

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Dual ISP failover Cisco ASA

    I need to configure an ASA to failover/ failback with two ISP's
    I believe I have the base config, but could use some assitance/ verification

    INT 0/0 is DHCP (VLAN2)
    INT 0/1 is pppoe (VLAN3)

    interface Vlan2
    nameif outside
    security-level 0
    ip address dhcp setroute

    interface Vlan3
    no forward interface Vlan2
    nameif backupisp
    security-level 0
    pppoe client vpdn group QwestDSL
    ip address pppoe setroute



    (config)# sla monitor 100
    (config-sla-monitor)# type echo protocol ipIcmpEcho 4.2.2.2 interface outside
    (config-sla-monitor-echo)# timeout 1000
    (config-sla-monitor-echo)# frequency 3
    (config)# sla monitor schedule 100 life forever start-time now
    (config)# track 1 rtr 100 reachability
    (config)# interface Ethernet0/0
    (config-if)# dhcp client route track 1
    (config-if)# ip address dhcp setroute
    (config)# interface Ethernet0/1
    (config-if)# dhcp client route distance 254
    (config-if)# ip address pppoe setroute

    Thanks in advance

  • #2
    Re: Dual ISP failover Cisco ASA

    Looks good to me. I would change the sla to ping your ISP's next hop router though. The reason for this is 4.2.2.2 is a public dns server so if that becomes unavailable then your SLA will fail and initiate failover even though the primary ISP connection is fine.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: Dual ISP failover Cisco ASA

      I want to do a similar setup where i have 2 ISPs on two different asa and want to have the asa in Active/Passive Mode (Active/Standby). Can anyone help me with the same on how to do it.

      Comment


      • #4
        Re: Dual ISP failover Cisco ASA

        Check the ASA configuration guide for active/standby failvoer
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment

        Working...
        X