ASA 5500 - IP Directed Broadcast - Wake on Lan

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
aghaznavi Wed, 12/26/2007 - 08:39
User Badges:
  • Silver, 250 points or more

The Static NAT command creates a fixed translation of the real address to the mapped address. This command can be used in order to assign a single public IP address to the single local IP address.

Static NAT Example:

hostname(config)#static (inside,outside) netmask

This command maps an inside IP address ( to an outside IP address (

puseth Mon, 12/19/2011 - 08:53
User Badges:

In routed mode, device is working at layer 3. By default, any layer 3 device will block broadcast. However,you are looking to pass WOL (Wake on LAN) which uses "directed broadcast" through ASA. This is different from normal broadcast traffic. 

IP defines a directed broadcast address for each physical network as all ones in the host ID part of the address. The network ID and the subnet ID must be valid network and subnet values. When a packet is sent to a

network's broadcast address, a single copy travels to the network, and then the packet is sent to every host on that network or subnetwork. For example, in a network, directed broadcast IP address is

In 6.x versions we used to pass directed broadcast traffic through PIX.

However, this changed in 7.x.

Later a defect was filed do revert back the behavior to pass directed broadcast through ASA/PIX 

If you are running any of the latest codes then you should be able to pass "directed" broadcast through ASA.

If this is not working for you, please get "show tech" and "syslogs+captures" of the failing traffic and let us know.

Vijay Singh Fri, 10/05/2012 - 09:42
User Badges:

Hola Puneet

Is there any configuration required on ASA to pass this type of traffic considering the example which you just spoke off?




This Discussion