02-06-2014 09:54 AM - edited 03-11-2019 08:41 PM
Hello,
I have two external ISP interfaces and need help with some nat questions.
I have a webserver that I wish to advertise out both interfaces.
The issue I'm having is exactly how to do it on the ASA with version 9.x code
ISP 1: 9.9.9.0
ISP 2: 8.8.8.0
object network webserver
host 7.7.7.7
nat (dmz,isp1) static 9.9.9.9
nat (dmz,isp2) static 8.8.8.8
I can't seem to get this working. I'm new to this code but the old code was so much easier with this....
02-06-2014 10:01 AM
Hi,
You wont be able to configure the Static NAT towards both ISP with a single NAT configuration. More specifically, you wont be able to configure 2 NAT statements under the same "object network"
You should configure it like this
object network WEBSERVER-ISP1
host 7.7.7.7
nat (dmz,isp1) static 9.9.9.9
object network WEBSERVER-ISP2
host 7.7.7.7
nat (dmz,isp2) static 8.8.8.8
If you want to read a bit about the new NAT format that was introduced from 8.3 onwards then you could have a look at a document I wrote here on the CSC
https://supportforums.cisco.com/docs/DOC-31116
Here is also another great document for someone that knows the old format but wants to know the corresponding new format
https://supportforums.cisco.com/docs/DOC-9129
I agree that the old NAT configuration format in some situations was a lot simpler and you potentially created a lot simpler configuration. In larger environments and more special setups I do think that the new NAT configuration format is far more simpler/safer to configure and provides more flexibility. There are some issues with it that I still dont have clear answer to but for the most part it seems to work just fine.
Hope this helps
- Jouni
02-06-2014 11:00 AM
Thanks!
02-06-2014 11:06 AM
Hi,
Let us know if it worked for you.
Do remember to mark a reply as the correct answer if it answered your question.
- Jouni
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: