Solved: Internet Failover Dual ISP NAT Issue - QUESTION WITHDRAWN! I was being

BrianChernish · ‎07-01-2024

We have a remote office which connects to our main location via MPLS. The core switch at the remote site has a default route of 0.0.0.0 0.0.0.0 172.17.1.1

This address is our core switch in our main office and all "internet traffic" is sent throught the MPLS Network to core switch which in turn sends the internet traffic to our FirePower Firewall at the main location - NAT is handled by the FirePower.

We recently had a situation where our communications carrier completely lost all connectivity across the MPLS due to a line card failure in thier CO and it took them over 24 hours to repair it. We are trying to configure a redundant route to the internet via a Starlink circuit at our Remote Office so that Office could at least connect to the internet.

I was hoping to simply put a secondary "weighted route" for 0.0.0.0 0.0.0.0 to the Starlink Gateway address, with a weight of "10" and do an IP SLA tracking on the main office core ip.

Where I get into trouble is with NAT:

Normal operation through the MPLS does not use NAT between the remote Office and the MAIN Office.

When I failover to the Starlink I will need to NAT my inside addresses.

Any suggestions on how I can accomplish this?

TIA

Brian Chernish

MHM Cisco World · ‎07-01-2024

you have two links
one via MPLS to DC using FW
other direct connect to internet
so you can NATing the traffic to direct connect the traffic not pass via MPLS it Direct Access Internet DAI in remote site

MHM

View solution in original post

MHM Cisco World · ‎07-01-2024

you have two links
one via MPLS to DC using FW
other direct connect to internet
so you can NATing the traffic to direct connect the traffic not pass via MPLS it Direct Access Internet DAI in remote site

MHM