What is the alternate solution for Policy Based Routing in ASA 5510?
I am experiencing some issues when traffic from my internal network needs to pass through an ASA 5510 and then be forwarded to a particular DSL. In my ASA I have three interfaces: an internal one and two public interfaces. I have a default route to pass traffic through one of the public interfaces. Then there are static routes to forward traffic through the other public interface. The packets that go through these public interfaces go to two DSLs.
I want to add another VLAN to my network and add a new DSL for that VLAN. I want to then forward traffic through the ASA and then to the new DSL. The ASA 5510 doesn't do policy-based routing. What is the alternate solution for Policy Based Routing in ASA 5510?
I think the only option with the ASA itself is to have it running at minimum one of the latest 8.4 releases or some 9.x software.
This will enable you to use NAT to manipulate the egress interface which is chosen for particular traffic. For example you can take traffic from all networks behind one interface and forward it all through a particular WAN interface on the ASA.
Naturally this will create a NAT configuration which is more complex and requires more thought to set up, depending on how complex the actual network setup is.
But essentially a "PBR like" solution is possible with the new NAT.
But you have to be running pretty new software that uses the new NAT format.
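
A sketch of the NAT-based approach the answer describes, added here as an illustration and not taken from the original post. The interface names (`vlan30`, `dsl3`), the object names and all addresses are constructed assumptions, and splitting "any destination" into two /1 objects is one common way to write the rule, not something the post specifies.

```cisco
! Constructed example for ASA 8.4+/9.x NAT syntax.
! Assumed: nameif "vlan30" = new internal VLAN, nameif "dsl3" = new WAN link,
! 10.30.0.0/24 = new VLAN subnet, 203.0.113.1 = next hop on the new DSL.

object network VLAN30-NET
 subnet 10.30.0.0 255.255.255.0

! "Any destination" written as the two halves of the IPv4 address space
object network DST-LOW
 subnet 0.0.0.0 128.0.0.0
object network DST-HIGH
 subnet 128.0.0.0 128.0.0.0

! Manual (twice) NAT: the destination is translated to itself, so the
! mapped interface named in the rule (dsl3) is used as the egress interface
! for matching traffic. The source is PATed to the dsl3 interface address.
nat (vlan30,dsl3) source dynamic VLAN30-NET interface destination static DST-LOW DST-LOW
nat (vlan30,dsl3) source dynamic VLAN30-NET interface destination static DST-HIGH DST-HIGH

! A route on dsl3 is still needed so the ASA can resolve a next hop there.
! The higher metric keeps the existing default route as the preferred one.
route dsl3 0.0.0.0 0.0.0.0 203.0.113.1 254

! Check: simulate a flow from the new VLAN and confirm that the result
! shows dsl3 as the output interface (198.51.100.50 is a constructed host).
packet-tracer input vlan30 tcp 10.30.0.10 12345 198.51.100.50 80
show nat detail
```

Because the two rules match every destination, traffic from this VLAN toward other networks behind the ASA is diverted as well; manual NAT is evaluated in order, so any exemption for that traffic has to sit above these rules.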