I have a Cisco ASA firewall that's set up with an inside network, dmz network, and two outside networks. We have a track configured for internet failover for the zones outside (primary) and backup (secondary). We are going to be adding a new guest network, and would like that to by default route out the backup interface.
Is this actually possible, or does this qualify as Policy Based Routing? I thought this was possible with a new NAT ID and tweaking the corresponding NAT lines... like
nat (guest) 1 172.16.0.0 255.255.255.0
nat (inside) 2 0.0.0.0 0.0.0.0
global (backup) 1 interface
nat (outside) 2 interface
Would that work? I don't care about services, just the actual source of the traffic, and they will be completely separate interfaces.