Here my lab setup:
- internal net (corporate)
- internal net (guest)
What I want to achieve is:
- corporate net over ips1
- guest net over isp2
- no PBR router
I've alredy set up, that http and https is routing over isp2 (corporated and guest net).
How can a nat rule be set, that corporate net is going through isp1, guest through isp2.
I know, tha ASA can still not doing PBR and multiple context is not an option because VPN is needed.
Here the nat already done:
static (isp2,inside) tcp 0.0.0.0 80 0.0.0.0 80 netmask 0.0.0.0
static (isp2,inside) tcp 0.0.0.0 443 0.0.0.0 443 netmask 0.0.0.0
static (isp2,guest) tcp 0.0.0.0 80 0.0.0.0 80 netmask 0.0.0.0
static (isp2,guest) tcp 0.0.0.0 443 0.0.0.0 443 netmask 0.0.0.0
Thanks for hints...
Sent from Cisco Technical Support iPad App
That is correct, the ASA can only have one route attached to it's routing table based on a destination.
That being said PBR is not supported and as you suggested a Router outside the ASA will do the trick for you.
You can provide redundancy using SLA but that's it.
Mark the question as answered if there is no other question we can answer from you
Remember to rate all the helpful posts, that is as important as a thanks