We have replaced our PIX with ASA 5510 and are running, ASA Version 8.3(1) & asdm-631.bin.
We have 1 ASA and 2 WAN's. So I have configured Failover, so that if primary WAN fails secondary will be active, which works fine. Only problem is NAT rules. So, if I have 2 set of NAT rules 1 for WAN1 & 1 for WAN2, only 1st NAT rule corresponding to the active WAN circuit in the NAT list works and none of other rules work.
I have copied some nat config below (I have not got WAN2 nat rules in there. If I have them, then problem will reoccur) and have also attached ASDM screeshot of NAT rules. Lastly, just so that you have better idea, what I want to achieve is Static NAT to work in case of WAN failover. Do I neeed Twice NAT and hopw to configure?
ip address 192.168.1.1 255.255.255.0
no ip address
ip address 22.214.171.124 255.255.255.240
ip address 126.96.36.199 255.255.255.248
ip address 192.168.100.1 255.255.255.0
boot system disk0:/asa831-k8.bin
nat (LAN,WAN2) source dynamic LAN-Subnet interface description Internet Access For LAN Using WAN2
nat (LAN,WAN1) source static NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 destination static NETWORK_OBJ_192.168.1.128_25 NETWORK_OBJ_192.168.1.128_25
object network NTSERVER02-WAN1
nat (any,any) static 188.8.131.52
object network NTSERVER04-WAN1
nat (any,any) static 184.108.40.206
object network NTSERVER06-WAN1
nat (any,any) static 220.127.116.11
nat (LAN,WAN1) after-auto source dynamic LAN-Subnet interface description Internet Access For LAN Using WAN1
access-group LAN_access_in in interface LAN
access-group global_access global
route WAN1 0.0.0.0 0.0.0.0 18.104.22.168 1 track 1
route WAN2 0.0.0.0 0.0.0.0 22.214.171.124 254