Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
303
Views
5
Helpful
2
Replies

2nd ISP NAT not working in ASA 8.3

ahmad82pkn
Level 3
Level 3

‎04-19-2016 05:45 AM - edited ‎03-12-2019 12:38 AM

Hi, i have two ISP connected to Cisco ASA.

When one ISP go down we manually shift default route to 2nd carrier. in pre 8.3 our PAT worked fine, but in 8.3 ASA our PAT doesnt work. and even if we change default route to 2nd Carrier, NAT/PAT of first carrier keep triggering and same is shown in packet tracer.

What to do to make sure 2nd carrier NAT/PAT trigger as soon i route traffic to 2nd carrier interface?

nat (Inside,ISP1) source dynamic INSIDE-PORTS-ALLOW interface service obj-tcp-eq-http obj-tcp-eq-http

nat (Inside,ISP2) source dynamic INSIDE-PORTS-ALLOW interface service obj-tcp-eq-http obj-tcp-eq-http

Above is example,

When i change default route to

route ISP2 0.0.0.0 0.0.0.0 1.1.1.1

Traffic drops and keeps nating with ISP1 interface.

Please suggest some solution.

Labels:
0 Helpful
2 Replies 2

ahmad82pkn
Level 3
Level 3

‎04-19-2016 11:20 AM

.

0 Helpful

Kornelia Gutierrez
Level 1
Level 1

‎04-21-2016 05:05 PM

Hello Ahnad,

Could you please try to add the route-lookup keyword at the end of both nat statements and test?

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card