Re: [Config] Can I configure an ASA5505 to load sharing with dua

Author	All Replies
total_noob @co.cr	reply to total_noob Re: [Config] Can I configure an ASA5505 to load sharing with dua Can anyone tell me whether this is even possible? Anyone?
total_noob @co.cr	to forum · permalink · 2008-07-12 18:43:15 ·
aryoba Premium,MVM join:2002-08-22	Can you post more details? I'm looking for source and destination IP addresses and/or subnets of these VPN, VoIP, HTTP, FTP, and all other traffic.
aryoba Premium,MVM join:2002-08-22	to forum · permalink · · 2008-07-12 19:11:28 ·
total_noob @co.cr	Hi. Thanks for taking the time to try to help me out. We are in Costa Rica and acting as a branch office from our "headquarters" in the US and we use the vpn for secure communications between the offices (email, file upload/down to production server, domain authentication (via local server)). We use asterisk internally for our phone system which maintains a SIP connection with Junction Networks for our long distance communications in the states. The rest of the traffic is just "regular user" traffic (http, ftp, IM, skype, etc.) What I would like to do is add the second connection and router all of the "regular" traffic through that connection and leave the vpn connection and SIP traffic on our DSL connection. Thanks again for any help you can provide. - Henry I am a bit reluctant to post any specifics about IPs and VPN data as we are just users and not in control and I wouldn't want to be responsible for disclosing too much information. Internally we are NAT'd and running in the 192.168.x.x address schema.
total_noob @co.cr	to forum · permalink · 2008-07-14 17:10:54 ·
aryoba Premium,MVM join:2002-08-22	Without seeing your IP address scheming, it's hard to tell what routing design is needed. Therefore I could probably provide only general comments When the VoIP, HTTP, and FTP machines (either user/subscriber or the server) are physically separated; then you should be able to set routing decision which source IP address to reach specific destination IP address through specific connection. If there are some machines that need to connect both HTTP and FTP server let's say, then you also have to set routing decision based on the TCP or UDP port numbers. Whichever direction you take, make sure that both end configuration (your end at Costa Rica and the other end at the US) must match. Otherwise, there will be some unexpected behavior such as asymmetric routing and service performance degradation.
aryoba Premium,MVM join:2002-08-22	to forum · permalink · · 2008-07-15 09:16:08 ·


Saturday, 22-Nov 12:13:34	Terms of Use \| Privacy Policy \| Hosting by www.nac.net - DSL,Hosting & Co-lo \| feedback \| contact over 9 years online! © 1999-2008 dslreports.com. page compression OFF