Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
332
Views
0
Helpful
3
Replies

Network Ghost...could use some ideas.

cratejockey
Level 1
Level 1

‎08-30-2007 11:37 AM - edited ‎03-03-2019 06:32 PM

We have recently moved a large client from a flat network structure at each site ( more than 30 total sites) and an unstructured routing plan from edge to core. They now have a structured WAN that coincides with their LAN Structure. Since we completed the transition we have noticed thousands of failed nat translations on the INSIDE of our ASA. From doing a bit a research we have narrowed these packets down to requests from hosts on the new networks requesting resources on the the old network.

I attempted to create static routes for these old networks with a gateway of loopback 0, to force the Core router to dump the packets instead of forwarding them to the default router which is my edge ASA. However I either did this wrong or I am trying to be to clever because it did not affect the packets getting through to the INSIDE of my ASA.

Does anyone out there have a better idea or can you help me understand what I did wrong with my static route? As a secondary does anybody out there have an idea or an example of how to run down all these devices that are calling old ip resources?

Thanks for your help.

Labels:
0 Helpful
3 Replies 3

Richard Burts
Hall of Fame
Hall of Fame

‎08-30-2007 11:56 AM

Josh

If I am understanding your post correctly you have some destination addresses that were part of the old network structure and they are being routed by the default route to your ASA since there is no longer a route to that network in the routing table. You attempted to configure a route for that network so that the traffic would no longer be routed to the ASA. That should be possible. Would you be able to provide some additional details (especially the specifics of the route that you attempted to configure)? If we had more specifics to work from we might be able to identify your difficulty and to suggest a solution.

HTH

Rick

HTH

Rick
0 Helpful

bfele
Level 1
Level 1

‎08-30-2007 08:13 PM

try next hop interface null0 instead of loopback0.

0 Helpful

dcarlton
Level 1
Level 1

‎08-31-2007 03:16 AM

You static routes for the old networks should go to null0 interface. This should dump them if the reach the router with the routes.

Did you redistribute the static routes you created?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card