I am not sure I am missing something, but if you cannot ping 188.8.131.52 with wan_3 being the outgoing interface, then either wan_3 or something on the other side of wan_3 is not configured correctly. How far does a traceroute go ?
tracert, if this what you mean, doesn't work.
a conclusion is that on both LAN3 & LAN4 which are configured with wan_3, they are both redirected to wan_2
LAN4 works ok
LAN3 doesn't have internet, but its site to site vpn works
I am currently checking with our ISP for wan_3, in case there is a problem from their side.
I double checked LAN4 and found that it uses wan_2 instead of wan_3!
I just hit what is my ip address on chrome and saw the public IP.
so the the problem should be this. somehow traffic is redirected to wan_2 for both interfaces, but LAN4 works.
How can I check traffic flow on this interface. Because by what I have found the problem is that all LANs traffic goes to one wan interface.
this is the output from packet tracer
Asa5516X# packet-tracer input lan3 icmp 192.168.15.61 1 15 184.108.40.206
route-map LAN3_PBR permit 5
match ip address PBR_LAN3_ACL
set ip next-hop verify-availability 220.127.116.11 1 track 10
Matched route-map LAN3_PBR, sequence 5, permit
Subtype: Resolve Egress Interface
found next-hop 18.104.22.168 using egress ifc wan_2
access-group lan3_access_in in interface lan3
access-list lan3_access_in extended permit ip any any log disable
service-policy global_policy global
match access-list sfr_redirect
service-policy SFR interface wan_2
New flow created with id 912677, packet dispatched to next module
this shouldn't be using 22.214.171.124 as a next hop but only 62.x.55.161
The problem I am facing is that sporadically this interface loses its internet access but the StoS VPN works with no problem.
I don’t see how the overlay vpn is still active after you lose its transit path- do you mean the vpn shows active but you lose connectivity over it?
How does this interface lose connection, is the interface flapping, Do you receive any errors?
Check the cabling, speed/duplex settings,Errors on the interface.
our site to site vpn works but we lost internet access (example www.google.com) this interface is up for about 2.5 years and this happened 5-6 times for about 1-2 days and then fixes on its own, know it is the 3rd day.