ASA5520 with Two ISP's

Unanswered Question
Apr 25th, 2008
User Badges:

I have an ASA5520. It's been running fine with my one ISP, about 3 one to one NAT's and PAT to one outside IP. My question is, i recently added a second ISP that is going to used for one subnet on my LAN. What i did is treated that one subnet just as all of my other subnets, pointed a static route from core switch to the ASA. I also added a static route for it back to the core switch. I created a PAT for that subnet to the new ISP IP address. Added the new IP to a new outside interface. When i try to get out to the internet on a PC, i can't. When i debug the ASA it gives a PORTMAP TRANSLATION CREATION FAILED FOR (protocol, src ip and dest ip). Any suggestions? Is this a bug or am i just missing something?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
farkascsgy Wed, 04/30/2008 - 07:08
User Badges:
  • Silver, 250 points or more


As I know ASA supports only one ISP at the same time, you can have a backup Internet line and in case of the failure of the first one it falls back to the backup. You should configure route tracking.

Please rate me if I helped.



kapish.mohole Wed, 04/30/2008 - 21:14
User Badges:

Are you trying to load balance on both ISPs, and are they directly connected on your ASA?

Please put here the configuration.


cowetacoit Thu, 05/01/2008 - 05:25
User Badges:

Not trying to load balance. I have one subnet on my network that needs to go to ISO2 because they are PC's that the public access and ISP2 is a content filtered connection from the state. I need the PC's on my network to manage, but at the same time, go out ISP2. All other traffic go out ISP1.


This Discussion