Tuesday, November 19, 2024
Latest:

How to selectively route Interface traffic via an ISP in Cisco ASA

edledge
edledge Cisco logo
Views: 188

Scenario:
Make: Cisco
Model: ASA 5506-X, ASA 5506 W-X, ASA 5508-X, Cisco ASA 5500 Series
Mode: GUI [Graphical User Interface]
Version: ASA version 9.x or later, ASDM version 7.x or later
Description: In this article, we will discuss a stepwise method of how to route traffic of one or more interface(s) or subnet(s) over the secondary (particular) ISP of the Cisco ASA. Considering here, the Cisco ASA is connected with two ISPs i.e. Primary and Secondary.

Let us suppose that the Cisco ASA has two internet links “outside” and “outside1“. It has three client subnets or interfaces “Desktop“, “Wireless-Clients” and “Voice-Phones“. Considering Redundant or backup link is configured on the Cisco ASA.

Primary ISP => outside
Secondary ISP => outside1
Client subnets  => Desktop, Wireless-Clients, Voice-Phones

We want to route the traffic of client subnets as shown below.

Desktop => outside
Wireless-Clients => outside
Voice-Phones => outside1

Solution

Step1: Configure Route map
Configure route map for secondary ISP. Follow the article attached below to configure the route map

Policy Based Routing or PBR Configuration on Cisco ASA – GUI

Once the PBR is configured on the Cisco then select the interface(s) or subnet(s) you want to route via selective ISP. Follow the steps as shown below

In case your internet service provider is using PPPoE or DHCP technology then follow the article to configure PBR with PPPoE link on Cisco ASA.

Policy Based Routing or PBR with PPPoE Link on Cisco ASA

Step2: Interface
Select the interface or subnet you want to route over a selected ISP.

cisco_asa_interface_selection

Step3: Select ISP
Select the ISP via which you would like to route the traffic. In this case we will route the interfaces over Primary & Secondary ISP as mentioned above. We have already created PBR for the secondary ISP as “PBR_ISP_2“.

If no route map is selected then by default the traffic for that interface will route over the primary internet line. We can use the same method to selectively route the traffic via our preferred Internet service provider.

Like we wanted to route Desktop, Wireless Clients and Voice-Phones over secondary ISP. We can set this like we set for the “voice-phones” interface in above step.

By this, we can selectively route the traffic of a subnet or interface via an internet line.

Other Important Topics

Knowledge_Check_Cisco_01

1 / 5

What are the two types of packet capture in Cisco ASA?

2 / 5

What is the default buffer size of Cisco ASA PCAP?

3 / 5

How many interfaces in Cisco ASA can have same route map?

4 / 5

Does Cisco ASA supports PPPoE link?

5 / 5

How many 10 Gig ports are available in Cisco 5508-X ASA?

Your score is

The average score is 0%

0%

SourceKnowledge Base, Internet, Cisco

EA00155

Leave a Reply

Your email address will not be published. Required fields are marked *