ASA 5520 - Adding New (Second ) ISP routing/NAT question

Unanswered Question

We are switching providers & need to know if I can route/NAT both providers at the same time.

By having both providers connected on different interfaces it would give me the ability to test the new ISP & would give me the flexibility to make changes to DNS.(we house several websites on our DMZ interface on the firewall)

Interfaces are

Outside (current ISP)

Outside2 (new ISP)

DMZ (Web servers)

Can anyone provide white papers.

Thanks in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Farrukh Haroon Thu, 06/11/2009 - 06:53

As far as routing is concerned, yes. But the problem is that the NAT function (at least the static) is bi-directional. So traffic from the internal source will be translated to the 'passive' ISPs mapped IP (public IP). But it will be routed out the primary ISP. Whether this would work, depends on how your ISP is configured (Access-lists etc). Its worth a try tough.




This Discussion