accessing Single IP from two IP from outside

Unanswered Question
Mar 18th, 2008


We have ASA 5500 series configured to access mail server ip from outside by a single static command

snatic (inside,outside) IP_ADD1 , Mail_serverIP. with corresponding access list configured on outside interface.

Now we are having second ISP router that also terminates on the outside of ASA. ( in the same subnet, ASA outside R1, R2 ethernet are in the same subnet ).

ISP1 has a pool of say Pool1 , and IPS2 has given a pool2. Our current staic command is working fine with ISP pool1 ip address. so now qustion to us is how do we access the same mail server from ISP2 pool. As staic command do not allow same ip to be used for two different.

Accessing it viz DMZ port is not possible as it is used for some another purpose.

Any experience please share.

any trick to do this please share !

Thanks in advance.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jan.nielsen Sat, 03/22/2008 - 18:47

Give your mail server a second ip address locally, and then nat your isp2 address to that. Remember though, you can only use this for redundancy not load-balancing, as there is no option for using two default routes on an asa. You will need to setup a track of the route via isp2 so the asa changes its default route if the primary link goes down.


This Discussion