Cisco ASA 5505 with Security Plus - 2 ISPs with NATs to internal hosts from each ISP?
Posted on 2014-07-30
I have a Cisco ASA 5505 with Security Plus licensing and unlimited hosts that currently has (2) ISPs installed:
VLAN 1: INSIDE
VLAN 2: OUTSIDE-1 (ISP 1 = /29 from tier 1 ISP)
VLAN 3: OUTSIDE-2 (ISP 2 = /29 from tier 1 ISP)
I have set the ROUTE OUTSIDE statements as:
route outside 0.0.0.0 0.0.0.0 ISP-1-GATEWAY 1 (metric of 1)
route outside 0.0.0.0 0.0.0.0 ISP-2-GATEWAY 2 (metric of 2)
I am not sure how to set up the NAT statement (state inside,outside) so that an IP address on ISP-2 will statically translate the same as the ones that I have on ISP-1 using standard static (inside,outside) statements. I UNDERSTAND that to do this correctly, we need Policy Based Routing (PBR) and that the ASA does not do this, but I have seen examples of different NAT statements that have gotten this to work in some capacity.
The IOS version is 8.25