Re: New ISP CONNECTED AND CHECK ONE VLAN NETWORK WHETHER INTERNET IS WORKING - Page 3

vishnuvichu36601 · ‎05-05-2018

WE CONNECTED NEW ISP INTERFACE TO OUR CISCO ASA.ALREADY WE HAVE 2 ISP IN ASA.WE CONFIGURE THE INTERFACE FOR NEW ISP AND WRITE NEW NAT POLICY FOR ONE VLAN NETWORK TO CHECK WHETHER INTERNET IS WORKING OR NOT,INTERNET IS NOT WORKING.

OUR NAT POLICY IS LIKE

SOURCE INTERFACE IS NEW ISP INTERFACE

SOURCE ADDRESS IS 172.18.*.*/24

DESTINATION INTERFACE IS ANY

DESTINATION ADDRESS IN ANY

DYNAMIC PAT

SOURCE ADDRESS TRANSLATION IS OUTSIDE ISP INTERFACE

PLEASE HELP US TO SOLVE THIS ISSUE.

vishnuvichu36601 · ‎05-07-2018

Hey sir,
I know that the interface configuration.
In that interface configuration how to map the policy thats what i am
asking to you

Marius Gunnerud · ‎05-07-2018

Again, here is the example I provided, see the text in red colour.

access-list testACL permit ip 10.10.10.0 255.255.255.0 any

route-map access-test permit 10

match ip address testACL

set next-hop <IP of ISP2>

interface gig0/1 <-- This interface is the on closest to your inside network

nameif inside

security-level 100

ip add 172.16.1.1 255.255.255.0

policy-route route-map access-test <-- This is the policy applied to the interface

--
Please remember to select a correct answer and rate helpful posts

vishnuvichu36601 · ‎05-07-2018

Thank you for your patience. Working as an administrator we need to think
twice to do configuration changes that's why I am asking to you