Multiple Network Object pointing to same IP address

tpennington · ‎02-17-2013

I have what i hope is not a unique problem. I have two ISP's and I want to be able to use failover between the two ISP's. The problem I cannot seem to overcome is that I want to be able to have outside email come in and connect to the same server. If I put in the config below into my ASA, it returns an error that I cannot have two network objects pointing to the same IP.

Is there a way around this?

I'm running v9.1 for my ASA.

object network mail-server

host 192.168.1.10

object network mail-server2

host 192.168.1.10

Andrew Phirsov · ‎02-17-2013

It's really hard to understand why you're trying to define two objects pointing to the same IP)))

tpennington · ‎02-18-2013

The reason is so that is ISP-1 fails, I can still get email from ISP-2, all going to the same internal server.

nkarthikeyan · ‎02-18-2013

Hi,

I guess you can do as such in object-group and not on the object.... I hope you are defining the object that has to be used for NAT.

I have tried in ASA 8.2(5) 26 thru object-group.

Regards

Karthik

Please do rate if the given information helps.

tpennington · ‎02-18-2013

What would the config look like?

jocamare · ‎02-18-2013

This might be a problem with the code, you can do that with previous codes.

You can use the same object multiple times and it will work just as if you had two of them.

The following would be a workaround for that issue, but it has to be a problem with the code

object network mail-server

host 192.168.1.10

Object service MAIL

service tcp destination eq 25

nat (inside,outside) source static mail-server service MAIL MAIL

nat (inside,outside1) source static mail-server service MAIL MAIL