- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I am trying to connect the 4g lte broadband router with voice as a secondary ISP to my Cisco ASA5506. Is it possible? I have the firewall route switching when the primary ISP is down but I get nothing back from the 4g lte broadband router with voice.
I have the ASA connected to a LAN port on the 4g lte broadband router with voice and DMZ turned on to that address (192.168.1.2). I can ping 192.168.1.1 from the ASA but nothing past it. I can't even resolve DNS.
Any direction would be appreciated.
Solved! Go to Correct Answer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Found it. I was missing a NAT statement from the inside interface to the backup interface.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It’s possible with a dual WAN port router where a BRV LAN port connects to one of the WAN ports on the dual WAN port router. That’s not what you’re doing by connecting another router to the BRV.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The ASA5506 is a dual WAN port router.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ah, maybe it is right then. The next hurdle is three unique subnets. Example:
ASA WAN1 = 10.20.30.40 Unknown ISP
ASA WAN2 = 192.168.1.1 BRV
ASA LAN = 192.168.2.1 (your LAN uses the 192.168.2.x subnet)
You’re pinging from your LAN on the 192.168.2.0 subnet, the ASA should have a route to 192.168.1.1 established. If the BRV LAN IP is 192.168.1.1 and it’s DMZ is 192.168.1.2, and the ASA WAN2 IP address is 192.168.1.2, you should be able to ping everything through the route from 192.168.2.X to 192.168.1.2 > 192.168.1.1 > the 100.x.x.x IP address > the Verizon DNS > the internet.
If you cannot, has the ASA established a route to 192.168.1.1.?
If the ASA has a log file there should be a reason for failure.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Found it. I was missing a NAT statement from the inside interface to the backup interface.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Good job!