I need to create a dual ISP scenario. This FW has 2 interface with differents ISP. (ppoe)
We would like to balance both ISPs and in the case one of this ISP goes down, all traffic takes the ISP up in that moment. So i was checking,
Also i would like to force some trust range to take interface 1/2 (using PBF), an in the case this interfaces 1/2 goes down, to take int1/3
on the another hand, there are several services on internet for this public IP. So how ca we public the NAT in both ISP interface??? clonning all the NATs using the new ISP IPs??? thats enough i think
outbound you would be ok with ECMP and using PBF policies to force certain traffic onto a specific interface
outbound NAT would simply be regular outbound hide-NAT with a destination interface set and source NAT to the proper ISP subnet (clone and change destination interface + source translation)
Inbound NAT will only work for the ISP that routes the public IP so this can only be configured once for the appropriate ISP (so no cloning here)
Thanks reaper. Outbound is ok.
Thinking in inboud:
We have these NAT rules:
ISP1 is 184.108.40.206:
So, there is any way to clone all these NAT rules changing ISP 220.127.116.11, and if ISP 18.104.22.168 goes down, the inbound sessions take ISP 2???? any NAT track or way to configure public services with both ISPs?
The only way to get inbound redirection to work would be to use an external load balancer. That way the LB would know which way is the best path and route to it while the public DNS record points to the LB IP's.
Hope that helps.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!