cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


274
Views
0
Helpful
1
Replies
Beginner

ASA - ISP Failover & NAT

Hi, I'm running ASA version 8.4(4)1 and have configured internet failover through the use of weighted default routes and tracking. This part works fine, but when I failover to ISP2 I can't connect out. The problem seems to be NAT, because when I failover it looks like the NAT entry for ISP1 is still being used. I have a second NAT entry for ISP2, is there anyway I can get the ASA to use the second NAT entry when it fails over to ISP2?

There are lots of examples out there on how to configure this, but all for older versions of ASA.

Kind Regards

Terry

Everyone's tags (3)
1 REPLY 1
Highlighted

ASA - ISP Failover & NAT

Hello Terry,

Actually it needs to take place,

Can you do a packet-tracer while the first ISP is down.

packet-tracer input inside tcp inside_host_ip 1026 4.2.2.2 80

Regards

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC