Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
302
Views
0
Helpful
2
Replies

Split Routing Question - ASA and VPN3020

p-allen
Level 1
Level 1

‎06-01-2007 09:10 AM - edited ‎03-05-2019 04:26 PM

Is there a way to route traffic from one address to our VPN3020 and from other addresses out our ASA? Right now we have a static route that pushes all traffic destined for a certain destination out our VPN3020 and we have someone that is not on the ACL that wants to be able to traceroute to it but it dies at our VPN3020.

Labels:
0 Helpful
2 Replies 2

Richard Burts
Hall of Fame
Hall of Fame

‎06-01-2007 09:15 AM

Phil

You do not give us any information about your topology and what other equipment is involved and that makes it difficult for us to give you a definitive answer. In general if traffic is passing through a router you could configure Policy Based Routing and treat traffic from a particular source address differently. It sounds like that would do what you want.

If that does not provide the answer that you need then perhaps you can provide a bit more information about the environment.

HTH

Rick

HTH

Rick
0 Helpful

nhan.duong
Level 1
Level 1

‎06-03-2007 05:34 AM

Yes, you can split your route by using static route or route-map

IP route y.y.y.y m.m.m.m vpn3020

IP route x.x.x.x m.m.m.m ASA

or

access-list 101 permit ip x.x.x.x m.m.m.m x.x.x.x m.m.m.m

route-map xyx permit 10

match ip address 101

set ip next-hope ASA

and you also mention traceroute is dies at your VPN3020. Yes, it might cause by IP is not allow on ACL, but also make sure you allow ICMP, traceroute is all about echo-request and echo-reply.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card