I'm running into a issue with traffic. I have a backup location with internet and connected via MPLS. I need traffic to route to the main location. Do I only add default route to the asa to point to the main ASA network? Or do I add a static nat to the internal network?
! interface Ethernet0/0 speed 100 duplex full nameif t1 security-level 0 ip address 184.108.40.206 255.255.255.224 ! interface Ethernet0/1 speed 100 duplex full nameif inetdmz security-level 25 ip address 172.16.1.1 255.255.255.0 ! interface Ethernet0/2 speed 100 duplex full nameif inside security-level 100 ip address 10.0.254.252 255.255.255.0
Secondary ASA (Different location)
interface GigabitEthernet0/0 speed 1000 duplex full nameif t1 security-level 0 ip address 220.127.116.11 255.255.255.224 ! interface GigabitEthernet0/1 speed 1000 duplex full nameif inside security-level 100 ip address 10.1.250.252 255.255.255.0 ! interface GigabitEthernet0/2 speed 1000 duplex full nameif inetdmz security-level 25 ip address 18.104.22.168 255.255.255.0
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...