Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
380
Views
0
Helpful
2
Replies

Dual ISP for Inbound NAT services

J_Vansen_S
Level 3
Level 3

‎08-25-2015 09:50 PM - edited ‎03-11-2019 11:29 PM

Hi All,

I have 2 ISP terminating on the ASA5585 version 9.4

 

Incoming NAT-Traffic

I need to have both the Email and Lync servers NATted to public IP and both accessible at the same time.

Is that possible in my setup?

 

Outgoing Traffic

Internet traffic default route will go to ISP 1

 

How do i achieve this?

Am i suppose to insert another default route to ISP 2 with administrative distance 100

 

Appreciate any advise

 

Labels:
Preview file
32 KB
0 Helpful
2 Replies 2

joseoroz
Cisco Employee
Cisco Employee

‎08-26-2015 01:41 PM

Hello J,

If you need to receive traffic on both ISP's that will work meanwhile you have static translation. The inactive unit will receive the traffic and pass it to server and the same flow will be used to send the traffic out to the same path. 

That will work for VPN as well. The limitation on the firewall is that only supports a single default gateway but on this case the NAT will allow the traffic and make it symmetric as the same path will use all along. 

Kind regards,

Jose Orozco. 

0 Helpful

Ajay Saini
Level 7
Level 7

‎02-02-2017 01:21 PM

I posted in a similar discussion, please check if that is similar to what you are looking for.

https://supportforums.cisco.com/discussion/13212126/e-mail-server-asa 

Let me know if there are any questions.

-

AJ

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card