I am stumped on how to configure a network to be able to accept traffic from two ISPs to one host.
We have two ISPs, connected to two firewalls; each firewall has a static NAT mapping for the external IP to an internal IP:
ISP1 --> FW1 NAT externalip1 ->192.168.100.10
ISP2 --> FW2 NAT externalip2 -> 192.168.3.10 --> rtr2 NAT --> dest ip 192.168.100.10
Then we have a router behind each firewall; on network2 the router changes the destination address from 192.168.3.10 to 192.168.100.10. The packet then gets routed over the internal network to host 192.168.100.10. Two problems occur:
1) The host 192.168.100.10 sends the return traffic out its default gw, which sends it to the fw, which attempts to send it out the gw of isp1 (even though the traffic originated through isp2). Is there a way to create a route-map that sends the traffic back out to fw2/rtr2?
1a) Could we NAT the external IP from isp2 to an inside address and use the routing table to send the traffic back to rtr2?
2) The traffic (since it is external) gets dropped by the firewall because of spoofing. This occurs because the firewall is not expecting an outside (internet) address to come in on that interface. We have relaxed the anti-spoofing rules to circumvent this, but the routing issue still occurs.
Currently, we have this setup as a failover solution. If ISP1 goes down, we just route all traffic through the network out ISP2. We would like to load balance and use both ISP connections.
We also have p
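The following is an added toy model of the asymmetric-return problem described in the question, not code from the original post. It walks one inbound packet through the ISP2 path (FW2 static NAT, then rtr2 rewriting the destination) and shows which edge device the host's reply reaches, and therefore which public address the internet client sees the reply come from. Only 192.168.100.10 and 192.168.3.10 are taken from the question; every other address (the firewall and router inside addresses, the stand-ins for externalip1/externalip2, the client, and the second host address 192.168.100.11 used for the question's option 1a) is an assumption constructed for this example.

```python
"""Toy model of return-path selection for a host behind two ISP edges.

Added example, not part of the original post. Only HOST and ISP2_INSIDE
come from the question; all other addresses are constructed stand-ins.
"""
from dataclasses import dataclass

HOST = "192.168.100.10"         # internal host (from the question)
ISP2_INSIDE = "192.168.3.10"    # FW2's static-NAT target (from the question)
HOST_ALIAS = "192.168.100.11"   # assumed second host address for ISP2 flows (option 1a)
FW1_INSIDE = "192.168.100.1"    # assumed: host's default gateway (FW1 inside)
RTR2_INSIDE = "192.168.100.2"   # assumed: rtr2's address on the internal LAN
EXTERNAL_IP1 = "198.51.100.10"  # constructed stand-in for externalip1
EXTERNAL_IP2 = "192.0.2.10"     # constructed stand-in for externalip2
CLIENT = "203.0.113.5"          # constructed internet client


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str


def rtr2_inbound(pkt: Packet, inside_target: str, snat: bool) -> Packet:
    """rtr2 rewrites destination 192.168.3.10 -> inside_target.

    With snat=True it also rewrites the source to its own LAN address
    (double NAT), so the host sees rtr2, not the client, as the peer.
    """
    assert pkt.dst == ISP2_INSIDE, "rtr2 only handles the ISP2 NAT target"
    src = RTR2_INSIDE if snat else pkt.src
    return Packet(src=src, dst=inside_target)


def host_next_hop(pkt: Packet, policy_rules, default_gw: str) -> str:
    """Host routing decision for an outgoing packet.

    policy_rules are (source_ip, gateway) pairs consulted before the main
    table, the way a source-based 'ip rule' would be. Destinations on the
    directly connected 192.168.100.0/24 need no gateway at all.
    """
    if pkt.dst.startswith("192.168.100."):
        return pkt.dst
    for src, gw in policy_rules:
        if pkt.src == src:
            return gw
    return default_gw


def public_source_seen_by_client(next_hop: str) -> str:
    """Each edge reverses its own NAT, so the public source on the reply
    depends on which edge forwarded it."""
    return EXTERNAL_IP2 if next_hop == RTR2_INSIDE else EXTERNAL_IP1


def simulate(inside_target: str = HOST, policy_rules=(), snat: bool = False):
    """Return (host's next hop for the reply, public source the client sees)."""
    inbound = Packet(src=CLIENT, dst=ISP2_INSIDE)     # as delivered by FW2
    at_host = rtr2_inbound(inbound, inside_target, snat)
    reply = Packet(src=at_host.dst, dst=at_host.src)  # host answers its peer
    hop = host_next_hop(reply, policy_rules, FW1_INSIDE)
    return hop, public_source_seen_by_client(hop)


def current_setup():
    """Destination-only NAT at rtr2: reply follows the default route to FW1."""
    return simulate()


def policy_routing_fix():
    """Option 1a: rtr2 DNATs to a dedicated inside address and the host
    routes by source address back to rtr2."""
    return simulate(HOST_ALIAS, [(HOST_ALIAS, RTR2_INSIDE)])


def double_nat_fix():
    """rtr2 also source-NATs, so the host's reply is addressed to rtr2."""
    return simulate(snat=True)


if __name__ == "__main__":
    for name, fn in [("current", current_setup),
                     ("policy routing", policy_routing_fix),
                     ("double NAT", double_nat_fix)]:
        hop, public = fn()
        ok = "OK" if public == EXTERNAL_IP2 else "WRONG ISP"
        print(f"{name:15s} next hop {hop:15s} client sees {public:15s} {ok}")
```

In the first scenario the reply leaves through FW1 and is source-NATed to externalip1, so the client, which opened the connection to externalip2, sees an answer from an address it never contacted and discards it; this is the visible symptom of the routing problem in point 1. Both fixes make the reply reach rtr2. On a Linux host the policy-routing variant corresponds to adding the second address and a source-based rule (assumed commands, not from the question): `ip rule add from 192.168.100.11 table 100` and `ip route add default via 192.168.100.2 table 100`.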