We help IT Professionals succeed at work.
Get Started

dual ISP on Cisco ASA firewall

1,358 Views
Last Modified: 2012-07-19
hello expert
there are two ISP circuit connected with my ASA, i want make internal users from different VLAN to access internet through different ISP, below is the configuration on the ASA but looks like it doesn't work, only vlan2 users could access internet, so i need your suggestions.

thank you

interface Ethernet0
 duplex full
 nameif outside
 security-level 0
 ip address 119.x.x.x 255.255.255.252
!
interface Ethernet1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0

!
interface Ethernet5
 duplex full
 nameif outside2
 security-level 0
 ip address 59.x.x.x 255.255.255.252

access-list vlan2 extended permit ip 192.168.2.0 255.255.255.0 any
access-list vlan3 extended permit ip 192.168.3.0 255.255.255.0 any

global (outside) 1 interface
global (outside2) 2 interface
nat (inside) 1 access-list vlan2
nat (inside) 2 access-list vlan3

route outside 0.0.0.0 0.0.0.0 119.x.x.y 1
route outside2 0.0.0.0 0.0.0.0 59.x.x.y 2
Comment
Watch Question
CERTIFIED EXPERT
Commented:
This problem has been solved!
Unlock 1 Answer and 5 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE