In my network there is a Cisco ASA 55x0 with "inside" interface (network 192.168.79.0/24) and "outside" interface (network 89.x.x.48/29) There is this nat rule: object network NAToutside nat (inside,outside) dynamic interface and the static route route outside 0.0.0.0 0.0.0.0 89.x.x.49 1 and all ACL rules. Now I have another new outside network by another ISP called "outside2", this network is already natted and the Cisco ASA in in the network 192.168.70.0/24. I would use this network as a fallback one. So I set the nat rule: object network NAToutside2 nat (inside,outside2) dynamic interface and the static route with a different metric route outside2 0.0.0.0 0.0.0.0 192.168.70.1 2 Clearly it doesn't work: when I disconnect the outside ethernet cable no workstation can connect to the Internet throught the outside2 network... What do I need more?