On Tue, Sep 13, 2011 at 15:00:04, NiKhil wrote:
> Subject: Dual ISP & Dual ASA scenario
>
> Hi All,
>
> Scenario:-
> 2 ISP on 2 different routers.
> 2 ASA (each ASA is connected to each routers directly)
>
> ISP1 ISP2
> | |
> Rtr A RtrB
> | |
> ASA 1 ASA 2
> \ /
> \ /
> \ /
> SWITCH 1
>
> Requirement:-
> Load Balancing/Load Sharing between both the ISP's.
> Active/Standby between both the ASA
>
> Solution:-
> AS path prepending to be used for load sharing by running BGP.
> Configuring 2 default routes one for ISP1 and another as back up for
> ISP2 on ASA.
> PBR configuration on RtrA to forward the traffic on RtrB.
> Stateful Failover on ASA
>
Since it's active / standby, I think you're going to want a switch in front of the ASA's as well.
You'll want to check out TCP State Bypass if you want to take them out of a failover pair.
http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/conns_tcpstatebypass.html
Thanks!
-ryan
Blogs and organic groups at http://www.ccie.net
Received on Tue Sep 13 2011 - 19:11:00 ART
This archive was generated by hypermail 2.2.0 : Sat Oct 01 2011 - 07:26:25 ART