By Carol Freyer
Published Wednesday 27th 2009
ISPs Articles
Rating: Unrated
Article Views 1196

In this commodity I will explain how to configure a Cisco ASA 5505 firewall to affix to bifold ISPs for back-up purposes. Suppose that we accept a primary accelerated ISP connection, and a cheaper DSL band affiliated to a Accessory ISP. Normally all of our cartage should breeze through the primary ISP. If the primary articulation fails, the accessory DSL affiliation should be activated for Internet access. Please agenda that the aloft book is accurate alone for Outbound cartage (i.e. from our centralized arrangement appear the Internet). The functionality that I will call beneath works for ASA 5505 adaptation 7.2(1) and above.

Assume that we are assigned a changeless Public IP abode of 100.100.100.1 from Primary ISP and addition changeless Public IP abode of 200.200.200.1 from our Advancement ISP. We will use Ethernet 0/0 for abutting to Primary ISP, Ethernet 0/1 for abutting to our Centralized LAN, and Ethernet 0/2 for abutting to our Advancement ISP. We will actualize three VLANs to abutment our configuration. VLAN1 (the absence Vlan) will be assigned to Ethernet 0/1 (inside), VLAN2 will be assigned to Ethernet 0/0 (primary-isp) and VLAN3 will be assigned to Ethernet 0/2 (backup-isp). We additionally accept to configure two changeless absence routes pointing to the ISP aperture address. The primary ISP absence avenue shall accept a metric of 1 and the advancement ISP absence avenue shall accept a metric bigger than 1 (let's say 2). Let us see the agreement below:

ASA5505(config)# interface ethernet 0/0

ASA5505(config-if)# switchport admission vlan 2