routing without a Gateway

Unanswered Question


I have diferents VLANS interconnected trough a 6506 and an ASA5520 (for the DMZ).

In a DMZ VLAN port of a 3560 I have a machine that hasn't got Gateway. The IP default-gateway is for the rest VLAN's in the inside.

What can I do to connect this machine with http from the inside?

Can you help me?

Thanks. Regards.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
jasonbiel Thu, 09/27/2007 - 05:35

A system in the DMZ vlan should be using the DMZ interface ip of the ASA for its gateway.

jasonbiel Thu, 09/27/2007 - 06:14

If you want to access this device via HTTP across the inside interface of the ASA, you need to make sure there no are ACLs limiting traffic to / from your inside interface to the DMZ and vice versa.

paul.matthews Thu, 09/27/2007 - 06:16

Two suggestions. Set the mask wide and enable proxy arp on the local routing interface.

Alternatively, configure NAT such that any connections coming in for this device appear to be on the local subnet.

Neither of these are great, but they may just give you connectivity.


This Discussion