Route-map/per subnet default route

Unanswered Question
Oct 29th, 2008

Good Day,


Let me preface this by saying that I do not have control over our router and getting any configuration changes would be problematic. (strange but true)


We currently have four subnets w/public IPs connected to 4 of the router ports. We are considering introducing wireless and, out of concern for conserving our addresses, are considering using private IPs NATed to our current public IPs.


Looking at an ASA 5550, is there a way to configure it such that traffic originating from a particular private subnet is NATed through a specific outside port of the ASA to the gateway address on the router?


Thanks





ihouse205 Thu, 10/30/2008 - 11:09

Thanks for the answer, but it seems some clarification is necessary.


I have four outside ports (out1-out4) and four inside ports (in1-in4).


The outside ports are configured with public IP addresses on the same subnet as the router port to which they are attached.


The inside ports are configured with private IPs (gateway for clients on private subnets). The client addresses on the private networks are NATed corresponding to a specific interface, e.g., "in1" addresses are NATed to the pool of public addresses in the "out1" pool.


I was making the assumption that in the course of being NATed, a packet would be forwarded from the outside port to the next hop on the router w/o need for running a routing protocol and then get routed to its destination.


Or, that it was possible to configure a default route for each network such as "route out1 0 0 x.x.x.x (routerIP1)" and "route out2 0 0 x.x.x.x (routerIP2)".


Adding the global default route passes traffic, but then I'm only taking advantage of a small percentage of available bandwidth.


Is there any workaround to get traffic from 4 private subnets routed onto 4 corresponding public networks when the only info in the routing table is comprised of direct connections or static routes?


Thanks



guibarati Thu, 10/30/2008 - 11:13

Yes, using more than one context.

guibarati Thu, 10/30/2008 - 11:02

If you are not using VPN you can configure more than one context and have different gateways to them.
