Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
451
Views
0
Helpful
2
Replies

ASA 5500 NAT Egress Interface

battanc
Level 1
Level 1

‎04-13-2015 07:26 AM - edited ‎03-11-2019 10:45 PM

I have an ASA-5510 with double "outside" connection (two different provider).

The "primary" connection has the default route to outside interface, but I need to NAT some machines on the "secondary" interface.

I configure the NAT, but I do not have response; I can have response only by configuring a static route.

As show by the Cisco documentation, the NAT can automatically solve the EGRESS interface, but here it seems to NOT work

I remember a similar scenario, where I solved the throuble by removing the "IP reverse path verify" command.

But in that case the firmware was an 8.4.x and now it is a 9.1.5

Some suggestion ?

 

Thanks in advance,

Claudio

Labels:
0 Helpful
2 Replies 2

Rishabh Seth
Level 7
Level 7

‎04-14-2015 04:33 AM

If policy based routing can help you in achieving your requirement then you may try ASA9.4 which supports PBR.

 

Hope it helps.

 

 

0 Helpful

Vibhor Amrodia
Cisco Employee
Cisco Employee
In response to Rishabh Seth

‎04-15-2015 01:21 AM

Hi,

Agree with Rishabh and the only workarounds possible are listed in this documents:-

https://supportforums.cisco.com/document/59986/loadbalancing-dual-isp-asa

https://supportforums.cisco.com/document/49756/asapix-load-balancing-between-two-isp-options

Thanks and Regards,

Vibhor Amrodia

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card