NAT for Inbound Multihoming using Routing

rodrigo.cisco
Level 4

Hi Community Team!

I have attached an example topology to this thread to explain what I want to do. Suppose that R2 is working as ISP1 and R3 as ISP2, and behind them is the Internet (loopback interfaces). R1 is doing NAT for R4 using the IP range of ISP1 and ISP2, but I want return packets for packets coming from the Internet via ISP2 to be transmitted to ISP2, and likewise return packets for packets coming from the Internet via ISP1 to be transmitted to ISP1, but I can't get this to work.

I have tried to use default routes with the same AD, default routes with different AD, with CEF, without CEF, using CBAC, using ZBFW, but nothing worked. I would like to know if routers are able to do that when dynamic routing is not possible and only default routing is being used.

I could do this pretty easily with an ASA: I only need to create both NATs (using one public IP for each ISP) and create two default routes that do not need to have the same AD, and the ASA will know that packets came from XYZ ISP and that return packets must be transmitted over the same link/ISP. The ASA is pretty intelligent :-)

Imagine that R1 is doing NAT for R4 with these policies:

R1#sh ip int b
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            200.0.0.1       YES manual up                    up
FastEthernet0/1            201.0.0.1       YES manual up                    up
FastEthernet1/0            10.0.0.1        YES manual up                    up
NVI0                       200.0.0.1       YES unset  up                    up
!
R1#sh route-map
route-map ISP2, permit, sequence 10
  Match clauses:
    interface FastEthernet0/1
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes
route-map ISP1, permit, sequence 10
  Match clauses:
    interface FastEthernet0/0
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes
!
R1#sh run | sec ip nat inside source
ip nat inside source static 10.0.0.2 200.0.0.100 route-map ISP1 extendable
ip nat inside source static 10.0.0.2 201.0.0.100 route-map ISP2 extendable

Is it possible to do what I'm trying to do using only routers?

Tks!

1 Reply

Jon Marshall
Hall of Fame

Duplicate post, please use the link below to post any answers -

https://supportforums.cisco.com/thread/2265374?tstart=0

Jon
