Hi All,
I have an inside subnet of 192.168.29.0/24 NATed to our public IP address through our Palo. From the Palo it is connected to an ASR router nating our public IP to another public IP on the secondary ISPs side. The traffic continues to flow through the main ISP and I would like it to route through the secondary ISP. Any ideas? Configuration provided below.
Like this:
ip nat inside source static X.X.X.X interface GigabitEthernet0/0/2 (our public IP out interface GigabitEthernet0/0/2)
int GigabitEthernet0/0/2
ip address dhcp
ip nat outside
negotiation auto
int TenGigabitEthernet0/1/1
desc TO FIREWALL
no ip address
ip nat inside
ip policy route-map FIREWALL
ip access-list extended FIREWALL
permit ip host X.X.X.X any (our public IP)
route-map FIREWALL
match ip address FIREWALL
set ip next-hop X.X.X.X (gateway address of ISP public IP)
No comments:
Post a Comment