Hi, I would like to know is it possible/advisable to have 2 ISP links on PIX515E interfaces so that if one goes down the other will be up for outside users to access the server services inside the PIX local LAN with out any service disturbance. Please advice and kind enough to send me the sample configurations. Thanks.
This document says "this setup may not be suitable for inbound access to resources behind the security appliance." And my requirement is mainly for inbound continues access. So, Will this work for inbound access by configuring with the simple static and access-list commands for the corresponding ISP interfaces along with the above Backup interface configurations? Please advise.... Is anyone tried this before?
it will not work with inbound access with above example , personaly I have not faced this scenario but would definately like to lab this out, frankly I don't know if there is a simpler way to do this, if you want to have inbound access through ISP2 should ISP1 fail or vise versa this becomes a bit complicated as may question arises with DNS , and NATing two different public IP blocks into single inbound host but possible, you would have place a router in front of firewall and BGP multihomed with two ISP.
You may also post your initial question in WAN routing forum, where there are much more audience that may have done your requirements.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...