ASA advertise NAT network

Unanswered Question
Jun 11th, 2008
User Badges:

Hello,

I have an ASA 8 firewall running OSPF without any problem and working as a ABR. However I do not know how to solve the next problem.


Soon I will have to configure a new private network on the device and a public network will be assigned to do some static NATs to this network and give public access. How can I advertise this public network to the backbone area if it's not connected to the device?


Thanks.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
tstanik Tue, 06/17/2008 - 13:00
User Badges:
  • Bronze, 100 points or more

ASA does not advertise NAT addresses or range as routes to neighbors. Looks like you will have to add static routes and advertise these static routes by redistribution.

If the user has a lot of servers with IP all over the map, which he can not classify these addresses into subnets for each interface, one thing you can do, create host static routes. Then redistribute static. If you don't want to advertise a lot of host routes to neighbors, you can add a "summary-address" command.


Below URL helps you for the NAT with firewall configuaration:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800b6e1a.shtml


Actions

This Discussion