1 Web/Mail Server, 2 Possible Gateways

I would like to know if this is possible with my existing equipment. I will have two different ISPs, each supplying me with a respective public IP address. I will have a Cisco ASA5520 handling both ISPs. The ASA will be attached to a Cisco 3750 running the EMI IOS image. My web server will be attached to the 3750. What I would like to happen is for the web server to be accessible from either of the public IP addresses at any time. For example, let's say www.domain.com resolves to 192.168.1.1 (ISP1) and backup.domain.com resolves to 192.168.2.1 (ISP2). At this point in time the web server is going to send all its traffic back out the default gateway (192.168.1.1), so if an end user tries to access it via 192.168.2.1 they will get no response. Is there a way to somehow 'tag' the packets maybe using CoS or DSCP and then use Policy Based Routing on the 3750 to send the traffic back out the interface from whence it came? Just need a kick in the right direction here.

http://www.littletreefarms.com/images/NetworkLayout1.jpg
TreyH Asked:
 
akalbfell Commented:
Why not get your own network block and use BGP? Then you will have the redundancy of two connections but no need to worry about anything else. They will load balance when both are up and work just fine when 1 is down.
0
 
nealerocks Commented:
On the .1.1 router can you configure a route that forwards any traffic destined to .2.x to the other gateway?
0
 
TreyH Author Commented:
<<On the .1.1 router can you configure a route that forwards any traffic destined to .2.x to the other gateway?>>

If it is an HTTP response from the web server, it's destined to go out the 1.1 because that's the default gateway. I need some way of knowing the request actually came from the 2.1 router.

<<Why not get your own network block and use BGP?>>

Blah, money$$ and plus one of the providers won't support BGP.

Thanks for the suggestions so far ...
0
 
TreyH Author Commented:
For anyone interested, here's a brief description of what I did to 'multihome' an email server without using BGP.

- Configure two private IP addresses (/30) on the Windows server.
- Configure static NAT entries on the gateway router. These
  entries translate to one of the two IP addresses (/30) on the
  server depending upon which ISP public IP it came in on.
- Used policy routing to source route packets back out the correct
  ISP using the source address of the server.

It's not pretty - but it worked in the lab. Will get me by while I work on BGP with the other ISP.
0
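The three steps in the post above, sketched as a Cisco IOS configuration. This is an added example, not the configuration TreyH used: it assumes a single IOS gateway router holding both ISP uplinks and reads the "/30" as two /30 subnets on the server LAN. All addresses (documentation ranges), interface names, ACL numbers and the route-map name SERVER-RETURN are constructed for illustration.

```cisco
! Constructed values (assumptions, not from the thread):
!   ISP1 next hop 198.51.100.1, public address 198.51.100.10
!   ISP2 next hop 203.0.113.1,  public address 203.0.113.10
!   Server: 10.0.1.2/30 (used for ISP1), 10.0.2.2/30 (used for ISP2)
!
interface GigabitEthernet0/0
 description ISP1 uplink
 ip address 198.51.100.2 255.255.255.240
 ip nat outside
!
interface GigabitEthernet0/1
 description ISP2 uplink
 ip address 203.0.113.2 255.255.255.240
 ip nat outside
!
interface GigabitEthernet0/2
 description Server LAN, one /30 per ISP
 ip address 10.0.1.1 255.255.255.252
 ip address 10.0.2.1 255.255.255.252 secondary
 ip nat inside
 ! Policy routing is applied where the server's replies enter the router
 ip policy route-map SERVER-RETURN
!
! Step 2: one static translation per ISP, each to a different server
! address. Only SMTP is published rather than the whole host.
ip nat inside source static tcp 10.0.1.2 25 198.51.100.10 25
ip nat inside source static tcp 10.0.2.2 25 203.0.113.10 25
!
! Step 3: the server replies from the address the connection arrived on,
! so the source address identifies which ISP the reply must leave through.
access-list 101 permit ip host 10.0.1.2 any
access-list 102 permit ip host 10.0.2.2 any
!
route-map SERVER-RETURN permit 10
 match ip address 101
 set ip next-hop 198.51.100.1
!
route-map SERVER-RETURN permit 20
 match ip address 102
 set ip next-hop 203.0.113.1
!
! Traffic matching neither ACL follows the normal default route
ip route 0.0.0.0 0.0.0.0 198.51.100.1
```

On IOS, policy routing is evaluated before inside-to-outside NAT, so the ACLs match the server's private source addresses rather than the public ones. `show route-map SERVER-RETURN` and `show ip nat translations` confirm that replies hit the expected entry and translation.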
Question has a verified solution.
