I've got the following scenario:
My Pix 515 outside interface is connected to a switch, on which I have two routers, each going to a different ISP. Lets call them ISP1 and ISP2.
ISP 1 is for all traffic except mail, ISP 2 is only for mail.
The two ISP routers run HSRP, the default route on the PIX is pointing to that HSRP IP.
On the ISP1 router I have installed policy based routing, which sets the next hop for all traffic comming from the mail server (which is situated inside the DMZ2) to the ISP2 router.
The mail server is in DMZ2, the Web Server is in DMZ1.
I am using static translations for the Mail and Web server to translate them into the private address space of the outside, and then again NAT on the IPS 1 and ISP 2 router to translate the addresses to their public addresses, visable on the net.
I have a problem now creating a full redundant scenario:
If ISP 1 router fails, no problem, all traffic will be directed from the PIX to the HSRP address and ISP 2 router takes over and all traffic will go via ISP 2 router.
If the IPS 1 service provider or line fails, also no problem, all traffic will be directed from the PIX to the HSRP address and ISP 2 router takes over and all traffic will go via ISP 2.
But I have a problem if the ISP2 router fails, because the policy based routing on ISP1 router will still try to send all mail packets via ISP 2 router and they will be dropped.
I could install another router, make him and the ISP2 router part of another HSRP group and have a separate line to the ISP 2, so I can do away with ISP 2 router as a single point of failure, but if the ISP 2 line or service provider fails (not the router but the actual ISP is down), I land up with the same problem. Mail will only go out via ISP 1 router if I change the config file and remove the policy that sends mail to the ISP 2 router.
Any Idea how I can create a scenario with 2 routers, policy based routing and HSRP on the outside PIX interface that will give me full redundancy?