ASA Routing (Network Addressing)

Unanswered Question
Nov 1st, 2007


I have configured an ASA 5510 at our data center. The problem I am facing is that in the network range of 0 to 255 there are servers with /24 masking and these are already routed by the router. I want to deploy the ASA firewall only to 6 of these servers which currently have the address from .9 to .14 and the firewall has the address .8 on its internal interface. How should I deploy or further subnet the network of /24 so that these 6 servers can be routed through the firewall instead of the router?



Jon Marshall Thu, 11/01/2007 - 13:13

Hi Murtaza

You have a couple of choices really.

1) If you don't want to readdress your servers you could use the ASA in transparent mode and place the 6 servers in one vlan and leave the rest of the servers in the original vlan. Note that you are using 2 vlans but the same IP subnet and the ASA bridges between the 2 vlans.

2) Create a new subnet for your 6 servers plus the ASA i.e. a /29 or /18 subnet would do the trick but obviously you now need to readdress both your servers and the inside interface of the ASA.
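
A sizing check for the new-subnet option, as an added example that is not part of the original replies: it tests which aligned block can hold the ASA inside interface (.8) and the six servers (.9 to .14) as usable host addresses. The thread never gives the real /24, so the documentation range 192.0.2.0/24 and all function names are assumptions.

```python
import ipaddress

# Constructed placeholder: 192.0.2.0/24 stands in for the site's real /24.
BASE = "192.0.2."
ASA_INSIDE = ipaddress.ip_address(BASE + "8")
SERVERS = [ipaddress.ip_address(BASE + str(n)) for n in range(9, 15)]
MEMBERS = [ASA_INSIDE] + SERVERS  # 7 addresses must live behind the firewall


def enclosing_block(addr, prefix):
    """The aligned block of the given prefix length that contains addr."""
    return ipaddress.ip_network(f"{addr}/{prefix}", strict=False)


def evaluate(prefix, members):
    """Check whether every member is a usable host of one aligned block."""
    net = enclosing_block(members[0], prefix)
    hosts = set(net.hosts())  # excludes network and broadcast addresses
    return {
        "block": str(net),
        "usable": len(hosts),
        "fits": len(hosts) >= len(members),
        # Members that fall on the network/broadcast address or outside the block
        "unusable": [str(m) for m in members if m not in hosts],
    }


def smallest_fitting_prefix(members):
    """Longest prefix (/30 down to /24) holding all members as usable hosts."""
    for prefix in range(30, 23, -1):
        result = evaluate(prefix, members)
        if result["fits"] and not result["unusable"]:
            return prefix, result
    return None


if __name__ == "__main__":
    for prefix in (29, 28):
        print(prefix, evaluate(prefix, MEMBERS))
    print("smallest fitting:", smallest_fitting_prefix(MEMBERS))
```

With the current addressing, the /29 containing .8 has six usable addresses and .8 is its network address. The first block that holds all seven is the /28 starting at .0, which also covers .1 to .7 of the original range.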



csco11029214 Thu, 11/01/2007 - 13:35

Thanks Jon,

Both the options are quite achievable although the first one looks better, will have to work around with it. Thanks again.



