cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

911
Views
4
Helpful
1
Replies

How to allow Networks behind a L3-Switch access the Internet with ISA570

I have a ISA570 connected to one LAN (172.20.70.0) and one WAN. In this LAN I have a L3-Switch with IP 172.20.70.252 with routes into the other LANs. The default GW on the L3-Switch in the ISA570. Now I want to access the Internet from these LANS. I have configured an advanced NAT Policy and static routes to the other LANs with the L3-Switch as next hop. But I cannot ping the ISA from these LANs nor access the Internet. What have I done wrong?

Thank you very much for your support.

Jens

1 REPLY 1
mpyhala
Rising star

Hello,

You need ONLY static routes on the ISA, delete any advanced NAT rules. The ISA is the gateway of the switch, the switch is the gateway of the other VLANs on it. All VLANs can reach the internet but the ISA doesn't know how to get traffic back to the VLANs until you create the static routes.

- Marty