Solved: Re: Dynamic PAT entries

keithcclark71 · ‎12-15-2022

Previous engineer set these up on an ASA and I am wondering why he needed a different translation rule other than interface. Any ideas???

Milos_Jovanovic · ‎12-15-2022

Couple of reasons crosses my mind:

If you have multiple "outside" interfaces, e.g. two ISP providers, so you want to create redundancy in case one link fails, or if you are somehow load-balancing traffic via multiple interfaces
If one doesn't want to expose ASAs interface on the Internet, and to get blacklisted somewhere, or for strict separation and identification of services

Kind regards,

Milos

balaji.bandi · ‎12-15-2022

not sure - aim guess one that was not working, so check the what is the content of backup.

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Milos_Jovanovic · ‎12-15-2022

Couple of reasons crosses my mind:

If you have multiple "outside" interfaces, e.g. two ISP providers, so you want to create redundancy in case one link fails, or if you are somehow load-balancing traffic via multiple interfaces
If one doesn't want to expose ASAs interface on the Internet, and to get blacklisted somewhere, or for strict separation and identification of services

Kind regards,

Milos