Multiple default route to multiple ISP

vipinrajrc · ‎11-15-2011

Hi Experts,

I am having a strange requirement. actually I am not sure it is strange or not. I am hvaing ASA5510 with 8.4 sw version.

Currently one ISP is connected to it. It is working fine.

We have some servers that are directly connected to internet using another ISP connection. These srevers having public IP addresses configured on their LAN settings. I need to move these servers in to the DMZ zone.

When i connect it to the ASA's DMZ zone,servers will get internet through the first ISP that is already configured on ASA. But i need to NAT the DMZ servers with the IP address provided by the other ISP, which even not configured on ASA.

So what should i do? In short my requirement is

1) need to NAT the server with the IP address provided by another ISP

2) Also note that the default route is configured for the first ISP only in ASA

so Do i need to configure another default route?

Do i need to make it with larger AD? So i do it will act as the secondary route only.

I need to make the ASA up and running for two ISP, and servers in the LAN should be able to NAT with the IPs of first ISP and ,the servers in the DMZ zone should be able to NAT with the public IP of the new ISP.

IS THIS POSSIBLE? please advice

Thanks

Vipin

Thanks and Regards, Vipin

vikz230884 · ‎11-15-2011

Hi,

I think it should work since you are using public address as long there is one to one NAT mapping for the server.

The only issue is there will be asymetric routing.

Traffic from server to public will use ISP 1 but when going inside from outside will use ISP 2.

HTH,

Vikram

terrygwazdosky · ‎11-15-2011

How about connecting both ISPs to a router and then put the ASA behind that? Then you could do policy-based routing on the router to decide which ISP link the traffic should use.