Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

ASA5520 with Two ISP's

I have an ASA5520. It's been running fine with my one ISP, about 3 one to one NAT's and PAT to one outside IP. My question is, i recently added a second ISP that is going to used for one subnet on my LAN. What i did is treated that one subnet just as all of my other subnets, pointed a static route from core switch to the ASA. I also added a static route for it back to the core switch. I created a PAT for that subnet to the new ISP IP address. Added the new IP to a new outside interface. When i try to get out to the internet on a PC, i can't. When i debug the ASA it gives a PORTMAP TRANSLATION CREATION FAILED FOR (protocol, src ip and dest ip). Any suggestions? Is this a bug or am i just missing something?

  • Firewalling
5 REPLIES
New Member

Re: ASA5520 with Two ISP's

I imagine it's due to having your default route on one interface, but you're translating out the other interface. Not 100% positive though.

Silver

Re: ASA5520 with Two ISP's

Hello,

As I know ASA supports only one ISP at the same time, you can have a backup Internet line and in case of the failure of the first one it falls back to the backup. You should configure route tracking.

Please rate me if I helped.

bye

FCS

New Member

Re: ASA5520 with Two ISP's

Are you trying to load balance on both ISPs, and are they directly connected on your ASA?

Please put here the configuration.

Regards

Silver

Re: ASA5520 with Two ISP's

Please see the below article about dual ISP, this is the way how ASA can handle Dual ISP..

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

bye

FCS

Please rate me if I helped

New Member

Re: ASA5520 with Two ISP's

Not trying to load balance. I have one subnet on my network that needs to go to ISO2 because they are PC's that the public access and ISP2 is a content filtered connection from the state. I need the PC's on my network to manage, but at the same time, go out ISP2. All other traffic go out ISP1.

861
Views
0
Helpful
5
Replies