03-29-2017 04:32 AM - edited 03-12-2019 02:08 AM
i am facing a complicatedly situation, hoping can have your help.
our new HQ office will have 2 internet broadband and setup on ASA5516X
so the ASA has 2 outside ports and 1 inside port.
On outside-1 is a static IP broadband (has 16 IP addresses )
On outside-2 is a pppoe (the interface ip is assign by dhcp and it’s dynamic )
And we got 2 subnet, subnet A and B
Subnet A will go outside-1 and subnet B will go outside-2
Here is my config (now)
NAT/PAT Part:
object network A
subnet 10.0.0.0 255.255.255.0
nat (inside,outside-1) dynamic interface
object network B
subnet 11.0.0.0 255.255.255.0
nat (inside,outside-2) dynamic interface
PBR Part:
access-list go_outside-1 extended permit ip 10.0.0.0 255.255.255.0 any
route-map wh-route permit 100
match ip address go_outside-1
set ip next-hop x.x.x.x //outside-1 gateway ip
interface GigabitEthernet1/8
ip address 10.0.0.254 255.255.255.0
policy-route route-map wh-route
Now, each subnet can go to the correct outside interface and NAT properly.
The A subnet will according PBR and go to outside-1 then PAT.
The B subnet will according default route which generate by pppoe then PAT.
HERE!!!! MY QUESTION:
I wanna all broadband can be as a backup line for each other. When ISP-1 down , all A subnet will go ISP-2. And vice versa. I tried to using sla monitor and track but not work. Maybe my configuration is incorrect. I am not figure out if A go outside-2, how the PAT work????
Anyone can give me some advice???
thx!
03-29-2017 05:31 AM
Hi Ronald,
As my understanding you have a two ISP. A subnet user goes via ISP 1 and B subnet goes ISP 2.
you configured PBR route for A subnet in mapped with ISP1. Let me know ISP1&ISP2 routing priority.
thx,
MJ
03-29-2017 05:45 AM
create verify availability in pbr route and check.
route-map wh-route permit 100
set ip next-hop verify-availability x.x.x.x1 track 1
thx,
MJ
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide