Solved: Dual ISP ASA 5525X IOS 9.4 PBR NAT

Daniel Ramirez · ‎05-28-2015

Hi,

Recently my company bought a new Internet channel and I wan't to route some of our internals IP segments to this new ISP. I checked that with PBR this could work, so, I configured, the ACL, the route-map and actually is applied to the private interface, but the traffic is not being routed to the new ISP.

I think is caused for something I missed in the NAT configuration. Maybe you can help me with a recent example of this scenario? I searched but only found obsolete commands.

Thank you,

Vibhor Amrodia · ‎05-30-2015

Hi,

I think it would be better if you can share the configuration which did not work. I think the NAT should use the Egress interface as per the routing requirement.

Refer this for more information on the PBR:-

http://www.cisco.com/c/en/us/td/docs/security/asa/asa94/configuration/general/asa-general-cli/route-policy-based.html

Thanks and Regards,

Vibhor Amrodia

View solution in original post

Vibhor Amrodia · ‎05-30-2015

Hi,

I think it would be better if you can share the configuration which did not work. I think the NAT should use the Egress interface as per the routing requirement.

Refer this for more information on the PBR:-

http://www.cisco.com/c/en/us/td/docs/security/asa/asa94/configuration/general/asa-general-cli/route-policy-based.html

Thanks and Regards,

Vibhor Amrodia

Daniel Ramirez · ‎06-01-2015

The problem was that I was using standard ACL and PBR doesn't work but with extended ACLs.

Thank you.