ASA 5520 - Adding New (Second ) ISP routing/NAT question
We are switching providers & need to know if I can route/NAT both providers at the same time.
By having both providers connected on different interfaces it would give me the ability to test the new ISP & would give me the flexibility to make changes to DNS.(we house several websites on our DMZ interface on the firewall)
As far as routing is concerned, yes. But the problem is that the NAT function (at least the static) is bi-directional. So traffic from the internal source will be translated to the 'passive' ISPs mapped IP (public IP). But it will be routed out the primary ISP. Whether this would work, depends on how your ISP is configured (Access-lists etc). Its worth a try tough.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...