Hello all,

I've an ASA5506 previously configured with one outside interface. This interface is used for both internet for employees and Site-to-Site VPN for external companies... The ISP is renewing its equipment and added a new modem/circuit before removing the old one. I then configured a new external interface to be able to migrate all VPN connections one by one, but I am facing an issue.

My idea was to keep the 2 interfaces active and first migrate internet access to the new line and then migrate the S2S VPNs one by one, then once validated remove the old connection. So I created a new route for the 0.0.0.0 traffic to go through the new interface but with a lower Metric "2", then I changed the "outside" Metric to "3" in order to redirect the internet traffic to the new interface.

-route outside 0.0.0.0 0.0.0.0 <publicIP_1> 1 (->3)
-route newISP 0.0.0.0 0.0.0.0 <publicIP_2> 2

... and it worked fine! Except that all the VPN-connected companies lost access to our internal network (oops!). I reverted the route metric ASAP and didn't have time to investigate/troubleshoot the problem. Of course, now I am a bit afraid of going any further with new changes.

Do you have any idea what I could have done wrong?

Thanks a lot in advance for your help!