cicso 5515-x

We have recently installed Comcast business services and we also still have our previous provider.

We would like to configure the firewall to NA  all inbound traffic and have all but a few exceptions sent out Comcast while only certain outbound traffic is to go out the previous provider.

Is this possible?
Jeff_KingstonAsked:
Who is Participating?
 
btanExec ConsultantCommented:
this is much similar to the use of nat for the two ISP e.g.
nat (inside,outside2) after-auto source dynamic OBJ_GENERIC_ALL interface
nat (inside,outside) after-auto source dynamic OBJ_GENERIC_ALL interface
http://www.reddit.com/r/networking/comments/2ijq3m/outbound_nat_two_isps/cl3g03u

since with 2 ISP, you may wish to review the failover setup as baseline too. one main difference is the 2 x nat statement so that each have their nat and not be overridden
http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/70559-pix-dual-isp.html#diag
0
 
DonbooCommented:
Depends on if you know what destinations you need to reach out the old ISP. If you dont then you can only have one of your ISPs as failover.

There are no policy routing in the ASA like a router that can match like a source port or protocol sadly....
0
 
Jeff_KingstonAuthor Commented:
Will attempt this solution next
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.