Networking
Configuring the WAN
Cisco ISA500 Series Integrated Security Appliances Administration Guide 133
4
•DNS Detection: Choose this option to detect the WAN failure by looking up
the DNS servers that you specify in the following fields:
-Default DNS Servers: Send the DNS query for www.cisco.com to the
default WAN DNS server. If the DNS server can be detected, the network
connection is active.
-Specify DNS Servers: Send the DNS qu ery for www.cisco.com to the
specified DNS servers. Enter the IP addresses in the Primary WAN DNS
Server and Secondary WAN DNS Server fields. If the primary or
secondary DNS server can be detected, the network connection is
active.
STEP 2 Click Save to apply your settings.
Load Balancing with Policy-Based Routing C onfiguration ExampleUse Case: A customer has two lines, one is a cable link and another is a DSL link .
The majority of traffic goes through the cable link since it has larger bandwidth,
and the rest traffic goes through the DSL link. As lots of secure websites (such as
bank, or online shopping) are sensitive to flip flop the source IP address, let traffic
for https, ftp, video, and game go through the cable link.
Solution: Complete the following configuration tasks:
• Configure a configurable port as the secondary WAN (WAN2). See
Configure a secondary WAN, page 125.
• Connect the cable modem to the primary WAN port (WAN1) and connect
the DSL modem to the secondary WAN port (WAN2).
• Enable the Weighted Dual WAN Settings and set the weighted value of
WAN1 to 80% and the weighted value of WAN2 to 20%. See Dual WAN
Settings, page 130.
• Enable the Policy-Based Routing feature and configure the Policy-Based
Routing rules so that traffic for HTTPS, FTP, video, and game is directed to
WAN1. S ee Configuring Policy-Based Routing, page 153.
• (Optional) Enable the Usage reports and the WAN Bandwidth reports so
that you can view the network bandwidth usage. See Usage Reports,
page 92 and WAN B and wid th R epo rts , pa ge 9 4.