Good morning everyone,
I recently installed a CSF 1210CE FTD on which I configured two external interfaces to use two ISPs with two different public IP addresses.
I then configured two default static routes with metric 1 for the main one and metric 5 for the secondary one.
On the main external interface I activated an SLA Monitor so that in case of problems it goes down and all traffic from the inside to the outside will pass on the secondary external interface.
This has been tested and it works.
I configured static NATs for both interfaces to expose services used by our external customers.
I noticed that remote users can access our services only from the public IP that refers to the main interface of the firewall,
but if I try to connect from the outside to the public IP address of the second interface, it is unreachable.
From the logs I don't see any block or allow, as if the second interface didn't exist, and yet from the inside to the outside it is possible to communicate.
If I restore the old Juniper firewall then everything works correctly again, so it's just a Cisco configuration problem.
What am I doing wrong? Is it perhaps necessary to enable the second interface to receive connections from the outside?
Thanks to everyone
Have a nice day
Giuseppe