Hi, you have three way: Policy-Based Forwarding (PBF) (medidium complexity) Configure PBF rules to specify: General traffic (internet) uses ISP1. Specific applications (Teams and Outlook) use ISP2. Advantage: Flexible routing based on criteria like applications, IPs, or zones. Example: PBF1: Traffic from LAN to the internet → ISP1. PBF2: Applications ms-teams and outlook-web → ISP2. or Static Routing with NAT (easy complexhity) Use static routes and NAT rules: Configure a default route pointing to ISP1. Add specific static routes (e.g., for Teams and Outlook domains or IPs) pointing to ISP2. Advantage: Simple to implement but less flexible. Example: Destination: IP_Teams → ISP2. Default: 0.0.0.0/0 → ISP1. Or SD-WAN if supported (High complexity)

@@CrazyNet thanks a lot sir.

Thank you! How to utilize 2 ISP at same time(Active/Active) you can use ECMP Multi-Path Routing also LAN user should access internet even after any one of the ISP are down ---> I'm not sure what you mean...do you mean if two ISP are down ? with the example on the video if one provider is down the other go up

Let say example below LAN 192.168.100.0/24 goes to ISP1 and LAN 192.168.200.0/24 goes to ISP2 at same time. If ISP2 goes down then 192.168.200.0/24 should work from ISP1. Hope u understand the scenario

Thank you I think I got the solution what I am looking for, as you refered before ECMP should be enabled and then two default route with same metric to access two ISP. From NAT and security policy , we have segregate the rules as per our requirements like FIRST IN FIRST OUT. But how about GLOBAL PROTECT VPN with dual ISPs.. Thank you

about GLOBAL PROTECT VPN with dual ISPs..

well technically should be automatic, but to be honest i never used active/active for ISP, But... i am going to create a lab to have look about this kind configuration and eventually i could post a video

@chandeoun hello dear, yes u can Single VR: More straightforward, suitable for many scenarios. PBF can be configured to use either ISP within the same VR, handling failover with monitoring profiles. Dual VR: Offers greater flexibility and isolation between ISPs, potentially simplifying complex setups or where more granular control is needed.

If u want use a single public subnet across two or more ISP u need to buy an ASN and set bgp multi homed on the channel I have a video about this king of setup