Site-to-site and internet

Jan 3rd, 2008

Hi all, I have a scenario like this.





LAN_B -- 5505 ----- 5510 ----- 5505 -- LAN_C

With one ASA 5510 and two 5505s, I can ping the networks LAN_A, LAN_B and LAN_C; all works fine.

I need the traffic from LAN B and LAN C to the internet to pass through the ASA 5510.

I don't want direct traffic to the internet from LAN B and LAN C; I want this traffic to pass through my primary link on the ASA 5510.

How can I do it? Can anyone tell me something about how to achieve it?


jsivulka Wed, 01/09/2008 - 06:34

Traffic direct to the Internet must be NATed. It is not possible to send all the traffic to the central ASA and then have access to the Internet. The ASA will not redirect traffic out the same interface the traffic came in on. Use an access-list.

