I have an ASA5520. It's been running fine with my one ISP, about 3 one to one NAT's and PAT to one outside IP. My question is, i recently added a second ISP that is going to used for one subnet on my LAN. What i did is treated that one subnet just as all of my other subnets, pointed a static route from core switch to the ASA. I also added a static route for it back to the core switch. I created a PAT for that subnet to the new ISP IP address. Added the new IP to a new outside interface. When i try to get out to the internet on a PC, i can't. When i debug the ASA it gives a PORTMAP TRANSLATION CREATION FAILED FOR (protocol, src ip and dest ip). Any suggestions? Is this a bug or am i just missing something?
Not trying to load balance. I have one subnet on my network that needs to go to ISO2 because they are PC's that the public access and ISP2 is a content filtered connection from the state. I need the PC's on my network to manage, but at the same time, go out ISP2. All other traffic go out ISP1.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...