Cisco WAN :: WAN / Dual ISPs - Can ASA 5505 Do Load Balancing As Well

Jan 24, 2010

I want to link ASA 5505 to two ISP's for backup purpsose. I can see this configuration example here url...
Question - does the ASA 5505 do load balancing as well for both connections - is there an example somewhere? (I do not want to buy two ASA 5505's!) which seems the only way I could find configuration details for!

View 6 Replies


Scheduled Load Balancing With Multiple ISPs?

Oct 23, 2011

Friend of mine has a setup out in the sticks, currently with two ISPs: Hughesnet satellite, and a line-of-sight WiFi provider; they're also getting a cel tower within range soon and he's looking at adding an HSPA/LTE connection via that as well.the first gives him a static IP and ridiculous speed and bandwidth at night... but far less speed and a painfully low bandwidth cap during the day (you go over, you pay through the nose).

The second gives lots of bandwidth but poor speeds (difficult to even watch a YouTube video) and a constantly-changing dynamic IP.The third, once implemented, will give him good speeds and decent bandwidth (I believe up to 10GB/mo) but again, will get spendy if he goes over that limit.Right now, I've got him set up with both routers plugged into the same network, multi-homed the NICs on his machines (192.168.0.* for Hughes, 192.168.1.* for LOS) and a little script on each computer that will change the default gateway to let him select which ISP he wants to use... however, it's going to get trickier with a third, and will make it even tougher to keep track of the bandwidth used on each one... especially with multiple computers, a DVR, and two users.

So I'm looking for some way to automate all this... something that will, say, use the HSPA feed most of the time for his whole home network, switch to LOS if it gets near the cap, and switch everything over to the satellite automatically during "unlimited" hours. Again, I'm not opposed to setting up something PC-based with the appropriate software, although for my own sanity, it would really need to be Windows-based (I'm way below n00b with Linux).

View 3 Replies View Related

Cisco WAN :: 1841 Router With Dual WAN Load Balancing

Oct 9, 2012

We've got a 1841 router with dual-WAN connection, one is Cable and it goes to Fa0/0, another one is ADSL2+ and it goes to WIC-ADSL card.I'm trying to configure a load-balancing and failover using per-packet or per-destination connection.I can configure "ip sla" for both connections pinging 2 different DNS IPs of 2 ISPs. But I can't configure command "track 1 rtr 1 reachability" and "track 2 rtr 2 reachability". There is no "rtr" allowed to type there. And all examples shows that command for load-balancing. What command to use for that or why I cannot use the above command?

View 9 Replies View Related

Cisco Firewall :: Dual ISPs On ASA 5505

Dec 5, 2011

We have a cisco ASA 5505 with sec bundle plus
We have two ISP's:
ISP1 (Our IP =, gateway
ISP2 (Our IP = dynamic, gateway - ADSL 
Our internal LAN IP range is
We want to configure the ASA 5505 to allow users via ISP2 for http traffic We then want to use ISP1 for strictly VPN and access to internal web resources (eg OWA) as we have public IP's there.
Our idea was to configure two gateways on the ASA (e.g. via ISP2 and via ISP1)
Then give the users gateway for web browsing etc Is this configuration possible on the ASA 5505?

View 4 Replies View Related

Cisco WAN :: 1921 Dual ADSL Load Balancing / Failover?

Mar 28, 2011

We have purchased a Cisco 1921 with twin ADSL after advice from a Cisco sales rep. However I am having trouble working out the load balancing/fail over config for the device.
I would like traffic to balance over both ADSL lines and if one goes down not to interrupt connectivity.
I had a look at ppp multilink but I am unsure our ISP (BT) support this?
!! Last configuration change at 13:18:34 UTC Tue Mar 29 2011!version 15.0service timestamps debug datetime msecservice timestamps log datetime msecno service password-encryption!hostname xxxxxx


View 10 Replies View Related

Cisco WAN :: 1841 / Dual WAN With CEF Load Balancing And VPN Client Error

May 7, 2012

I have a Cisco 1841 router connected to two different lines  (same ISP) and I would like to load balance between them. I think I have  achieved this point, but the problem is that remote VPNs do not work (only from Dialer1).This is my diagram:
ISP1----ISP Router----------Fa0/1 ROUTER 1841
----------Fa0/0 LAN
ISP2 ----------------pppoe Dialer1 ROUTER 1841
I  have tried to redirect all my vpn traffic through the Dialer1 with PBR, but it does not work.

View 4 Replies View Related

Cisco WAN :: Dual Internet Link In Terms Of Load Balancing ISR 2921

Jan 20, 2012

We have deploy a Cisco ISR 2921 to connect two ISP for internet access, Link 1 is fix public IP, link 2 is xDSL.And we configure dual link load-balance, the configure just like the famous DOC "[URL]" name:"dual internet links NATing with PBR and IP SLA". Inside network to internet is ok, and traffic was load-balance, Dual link can be redundancy. But there has some issue we don't realize.Most people interesting how the inside traffic load-balance outside, but ignore the traffic from outside issue.

View 2 Replies View Related

Cisco Firewall :: ASA 5505 Split Traffic On Dual ISPs

Jul 31, 2012

I have an ASA 5505 current f/w & the security plus license (to get the 3 nameif interfaces). Can I split traffic between two ISPs, (VPN traffic to one destination on a T-1 on one VLAN, and all other traffic using DSL to another VLAN) and using a different nat policy on both? I know load balacing isn't supported, only failover. I was just wondering if there was a way to make this work.

View 3 Replies View Related

Cisco WAN :: Dual ISPs In ASA 5520

Jul 10, 2011

We got 2 ISPs -------> two ASA 5520 Primary / secondary --------> LAN . ASA is configured with ACL and Static NAT for our mail , web & ftp servers .
My question is how to configure the 2nd ISP on the ASA to auto switch to the 2nd ISP when the 1st is down with a backup static NAT and backup ACL for the new ISP , in other words how to configure a active static NAT and Backup Static NAT and ACL only for Exchange/Mail Server.Here is the example of our configuration where PIE is Primary ISP & EMC is Backup ISP.
ASA Version 8.2(1)
hostname Corp-ASA
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted

View 1 Replies View Related

Cisco WAN :: Dual DHCP ISPs On ASA5505?

Jul 1, 2012

I've been searching the net for days now trying to configure the ASA5505 for dual DHCP ISP use. All guides available assume you have one static.
After realizing that it required a Security Plus license to even configure 3 VLANs.
I can choose a backup interface in ASDM. It even says dual ISP enabled. Why cant there be a guide or simple configuration example or am I the only one looking for this kind of solution?
Customer has two ADSL internet connections and want to switch between them if they fail. No load balancing required.

View 2 Replies View Related

Cisco Application :: 4710 - Load Balance Two / Three ISPs Using ACE?

Oct 16, 2011

How to load balance two/three ISPs using ACE.
What might be the default gateway?Can i create a serverfarm with two rserver with different subnets?

View 4 Replies View Related

Cisco Firewall :: ASA 5520 For Dual Active ISPs

Dec 14, 2011

I inherited a network redesign project mid implementation and ran across an issue that I was not 100% sure able to be resolved.  Implementation is occurring in which the organization is changing over to a different ISP and we have some customers that will not be able to change their settings over to our new addresses from some time.  I have seen a lot of posts about fail over and dual ISP configurations, but I could not relate them to this particular scenario.

View 3 Replies View Related

Cisco WAN :: 2800 Load Balance Internet Multiple ISPs

Jan 9, 2010

what you're doing to load balanace internet traffic?  I'm interested in load balancing internet traffic (outbound -AND- INBOUND) using multiple (at least 2) ISPs.  Some of the methods I have used in the past have certain weaknesses.. basic DNS load balancer (relies on multiple IP addresses per host), OER/PFR (ability to control INbound is limited unless complex configuration and coopearation with ISPs)...  This is kind of a broad open ended question.. It seems like something that would be a common issue and am wondering what other are doing with the capabilities 2800, 2900, 3800, 3900 series routers..

View 6 Replies View Related

Cisco Firewall :: ASA 5510 Nat / Routing DMZ With Dual ISPs (4 Legged)?

Apr 11, 2013

I am in the process of configuring a ASA 5510 to replace an older PIX.  This change is part of migrating to a new ISP, so the process is complicated by the existence of two outside interfaces.  I have virtually everything working, but there is a requirement to be able to access hosts from the internal networks using both their private IPs and their public IPs.  The older PIX took care of this silently with little configuration, but the ASA has me twisted on the details.  Some of the hosts with public IPs are on the internal network and some are on a DMZ (not my design, inherited).  For the internal ones I implemented hairpinning to take care of the requirement, but I am having trouble with the DMZ based hosts.. Since there are two external interfaces each internal host has two IPs and two static NAT rules to handle incoming traffic from each external interface.
The routins and dynamic NAT entries we have in place take care of accessing the hosts using their private IPs on the DMZ, but I cannot figure out how to get the public IPs to work from the internal network.  It seems like a simple Static D-Nat shoudl do it, but when I add a Static D-Nat on the DMZ the public IP works, but the private IP breaks..  Is there a way to get them both to operate ?
Network layout looks like this (IP ranges altered):

DMZ Class C
Outside  Class C
Outside2  Class C


After applying it I could access the public IP ( from the internal network, but I could no longer access the DMZ IP ( from the internal network. Is there any way to get this configuration to allow access to both IPs from the internal network ?
The problem here is that there are website links based on the public IP and the DNS is split so DNS returns the internal IP to users. As a result both need to be accessible from the internal network.. Not my favorite design, but the client (or in this case the boss) is always right so I need to get it working somehow.

View 8 Replies View Related

Cisco Firewall :: ASA5510 With Dual ISPs And Static NAT On Backup

Dec 12, 2012

Looking to have an ASA5510 with two internet feeds. Moreover, I would like to have my static nat translations continue to work on the backup feed. I have outbound nat working, however I cannot get the inbound nat to work. I had this all figured out in 7.x but now with 8.x I cannot seem to get it working. If anyone has a 8.x example config.

View 4 Replies View Related

Cisco VPN :: Dual ISPs On ASA5510 And Remote Access Client

Jul 7, 2012

i have two public IPs on ASA5510 + Remote Access VPN Client, what i want to achieve is, i want VPN client users to be able to login using any of the two ISP's IP to remote connection to the ASA. what is the command to use to achieve this.
Secondly, i have setup the primary link VPN through ASDM but thinking i should do the same thing and add the "backup" interface.

View 1 Replies View Related

Cisco Firewall :: ASA505 - 2 Sets Of NAT Rules To Accommodate Dual ISPs

Oct 10, 2012

I am setting up an ASA550 ver 7.2(3) - does this need upgrading?I have my ISP interfaces setup as primary and backup I have a static route pointing out:route primary 1 Question:Do I put the next static route to be route secondary 254 Will this set a high metric on the secondary route that will only take effect if the primary route is down? I assume I will need to have 2 sets of NAT rules to accommodate the dual ISP's

View 1 Replies View Related

Cisco VPN :: ASA 5510 With Dual ISPs Split Traffic Between VPNs And Internet

Jul 1, 2011

I need to know how to setup my ASA with dual wan links. 1 is 10/10 fiber, other will be a 50/5 Cable Wideband link. The 10/10 fiber is currnetly being used for VPN's and Internet, (about 20 point to point IPSEC vpn's currently).
I want to add the Wideband link and use the "Tunneled (Default gateway for VPN traffic)", feature for the current fiber link and the new Wideband link for any other internet traffice. I tried this however as soon as I set my fiber link to "Tunneled (Default gateway for VPN traffic), I lost all connectivity.
I also setup my "VPN" link with the "tunneled" option and my "INTERNET" link with a default route to the internet. This would only let me ping internet sites from the ASA device but not from client computers, also the VPN's would not come backup.
I have tried the sla setting with a DSL line for failover and that works good, i've since got rid of the DSL and want to utilize 2 wan links for different purposes/traffic.
ASA 5510, SSM-10      1GB RAM
ASA version                8.4(1)
ASDM Version            6.4(3)
Context Mode            Single
FW Mode                  Routed
License                     Security Plus

View 5 Replies View Related

Cisco WAN :: ASR1001 / L2 Over L3 With Load-balancing?

Nov 30, 2011

i'm trying to accomplish the following:I want to trasport a bunch of vlan layer 2 etherchannel on a pair of layer3 connections, using L3 to load balance.i was considering a pair of options:
1) bridging + gre (non applicable since i cant bridge 2 interface beloging to a etherchannel to a tunnel)
2) L2TP is it possible to accomplish this with the above tecnology? any reference, configuration example?
3) AoMLPS is it possible to accomplish this with the above tecnology ? any reference, configuration example?
I cant modify topology, the routers used are ASR1001 It is mandatory that both sites have a layer2 connection between them.

View 1 Replies View Related

Cisco WAN :: 2811 DSL Load Balancing

Dec 9, 2010

I have a Cisco 2811 router with two HWIC-ADSL cards configured for dsl connection. I have two lines from the same ISP and i am load balancing between them. I have created a couple of SLA's to check the state of the connections and add to the routing table the two default routes if both are up or any one of them is up.My problem is that when i  try to download big files (especially antivirus updates) the download at some point stops (especially the antivirus exits with an error of unreachability). If i shut down one line everything works fine.Could i use something (configuration-wise) to prevent this problem from happening?????Is there any way i can combine the two lines? They are simple ADSL connctions with static ip's.

View 8 Replies View Related

Cisco WAN :: Load Balancing On ASR1002?

Jun 25, 2012

One of our customer just purchased ASR1002 router, they have three internet links from different ISPs and they dont have any remote site, they have three different public IP pool as their respective ISPs. So, is it possible to load balance the internet traffic using all three link on Cisco ASR router ( IOS - Advance Enterprise Services)

View 3 Replies View Related

Cisco WAN :: 4506-E DSL Load Balancing

Jun 10, 2012

I need to configure DSL Load Balancing on Core Cisco Switch 4506-E. I have a Router Cisco 2811 with 2GE Ports and a Firewall Cisco ASA5505. I have 8 Physical DSL Connections with 1Mb each. I need to combine that 8 Mb on Core Switch and allow each end user to access the Internet via the available DSL connection which means that every user has 8 Mb available.

View 7 Replies View Related

Cisco VPN :: Load Balancing ASA 5520

Sep 13, 2011

We have an ASA5520 pair that we will be installing to load balance SSLVPN connections.  Below is a portion of our configs pertaining to the VPN load-balancing feature (configured on both ASAs):My specific question is related to routing of return traffic to load-balanced VPN sessions.  Is there some kind of persistence function that tells the return traffic which ASA to route back to?  For instance, if ASA1 has a VPN connection having IP address associated to it, and ASA2 has a VPN connection having IP address, how does the return traffic for each connection know which ASA to route back to?

View 1 Replies View Related

Cisco VPN :: Load Balancing ASA 5510

Sep 13, 2011

Currently we have deployed site to site vpn between 2 asa 5510 model. one is corporate site and one is remote site. now we plan to use radware load balancer in which 2 isp will terminate. now if at a remote site wecreate only 1 ipsec tunnel and mention sigle isp peering. if one isp fails at corporate how remote site will be access by site to site vpn through 2 isp vpn. what thing we need to do over asa as well as load balancer at both end.

View 6 Replies View Related

Cisco Application :: URL Load Balancing In ACE 20?

May 23, 2011

I have 2 rservers,,I have 3 URLs in both

I want to have only one link for two same link in both servers with this ip address so I will have 3 link and will load balance to 6 links


View 4 Replies View Related

Cisco WAN :: WAN Load Balancing On 2811

Apr 18, 2012

i have a one 2811 router with 2 nos of HWIC-1FE card, and also i have two mpls connection [code] how can i configure it with mpls load balancing ?

View 10 Replies View Related

Cisco :: Check Load Balancing On The Routers Using BGP?

Apr 8, 2011

How is the best and easiest way to check kind of load balancing on the routers using BGP (Border Gateway Protocol)?

View 6 Replies View Related

Cisco WAN :: 11501 CSS Load / Advance Balancing

Mar 1, 2011

We have Cisco CSS 11501 and connected in  One-Arm way.Currently there are 4 source sending traffic and 3 server to  receive the request. We are using Advance-balancing with Source IP. So  the ratio become 2:1:1 or 1:2:1 or 1:1:2.But our target is to do the load balancing in equal ratio.

View 1 Replies View Related

Cisco Routers :: RV016 Is Not Load Balancing UDP?

Feb 22, 2012

this router (RV016v3, Firmware: v4.1.1.01-sp (Dec 6 2011 20:03:18)) in regards to it not properly directing UDP packets out of the right WAN, as per the settings stored in Protocol Binding section of [System Management, Multi-WAN].I use the section to direct all traffic from desktop computers ( ~ through WAN4, and all VoIP related traffic ( ~ through WAN2(PPPoE).Everything seems to be working well except for some of the UDP traffic from which is seen in the log going out of WAN4 instead of WAN2.I have even created a new entry for [UDP/5060~5060]->, and placed it at the very top of the list.Here are a few lines that I've observed in the log: (Refreshed the registration of two SIP Trunks configured in our PBX)
Feb 23 18:11:47 2012     Connection Accepted     UDP> on eth4
Feb 23 18:11:46 2012     Connection Accepted     UDP> on ppp2
Feb 23 18:11:46 2012     Connection Accepted     UDP> on eth4
Feb 23 18:11:46 2012     Connection Accepted     UDP> on ppp2
There are no static routes configured, so i'm baffled by what could cause some of the UDP packets to go through the wrong WAN.All TCP Traffic from is seen going though WAN2 as it should.

View 2 Replies View Related

Cisco WAN :: ASR1001 - Internet Load Balancing

Feb 3, 2013

I want to load balance my Internet traffic between two ASR 1001 routers that are connected to our core switches.  Both routers are connected to the same ISP (Comcast) going to the same BGP AS on different /30 subnets.  Is there a way for me to load balance my Internet traffic using both connections with BGP rather than having one of these connections sitting idle?  If not, the only solution I see is to configure my layer 3 devices to split internet traffic between both routers (i.e. default routes with same AD).

View 6 Replies View Related

Cisco WAN :: 2821 / 881 - Load Balancing Between Two Routers?

Feb 24, 2011

We have a network topology like 2821 router with MPLS link and 881 Router with DSL Connection(DMVPN).

MPLS Link runs in BGP
DSL Connection runs in EIGRP.

So the existing scenario is like When ever MPLS link goes down Traffic will be moved to DSL connection. and once it come again it will be moved back to DSL using HSRP we are doing this. in this case most of the times my DSL connection will be in standby mode.Now my management decided to use both the links in active state and want to do some load balance between the links for some specific traffic like Internet, WSUS Updates, Antivirus updates need to go through the DSL connection even the MPLS is up and running.

View 2 Replies View Related

Cisco Routers :: RV042 Load Balancing And OWA

Apr 6, 2012

I have a rv042 router with two internet connections. I have setp the WAN1 and WAN2 and set the load balance mode. Surfing on internet is then not a problem and I checked that I was using the two internet connection.However if I try to connect to my corporate (OWA) outlook web access i am looping on the first page where I should provide my credentials.I know that most of the load balancer could be set up with a sticky bit to keep the session on the same WAN connection.

View 4 Replies View Related

Cisco Application :: 389 Load Balancing LDAP In ACE?

Dec 5, 2011

Does loadbalancing ldap services in ACE? Both port 389 and 636.

View 4 Replies View Related

Copyrights 2005-15, All rights reserved