Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
489
Views
0
Helpful
4
Replies

Route-map/per subnet default route

ihouse205
Level 1
Level 1

‎10-29-2008 07:03 PM - edited ‎03-11-2019 07:05 AM

Good Day,

Let me preface this by saying that I do not have control over our router and getting any configuration changes would be problematic. (strange but true)

We currently have four subnets w/public IPs connected to 4 of the router ports. We are considering introducing wireless and, out of concern for conserving our addresses, are considering using private IPs nated to our current public IPs.

Looking at an ASA 5550, is there a way to configure it such that traffic originating from a particular private subnet is nated through a specific outside port of the ASA to the gateway address on the router?

Thanks

Labels:
0 Helpful
4 Replies 4

ofwegen
Level 1
Level 1

‎10-30-2008 06:15 AM

I think what you want is source-based routing. That's not supported in ASA at this time:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a00805b87d8.shtml#pbr

0 Helpful

ihouse205
Level 1
Level 1
In response to ofwegen

‎10-30-2008 11:09 AM

Thanks for the answer, but it seems some clarification is necessary.

I have four outside ports (out1-out4) and four inside ports (in1-in4).

The outside ports are configured with public IP addresses on the same subnet as the router port to which they are attached.

The inside ports are configured with private IPs (gateway for clients on private subnets). The client addresses on the private networks are natted corresponding to a specific interface e.g "in1" addresses are natted to the pool of public addresses in the "out1" pool.

I was making the assumption that in the course of being natted, a packet would be forwarded from the outside port to the next hop on the router w/o need for running a routing protocol and then get routed to its destination.

Or, that it was possible to configure a default route for each network such as "route out1 0 0 x.x.x.x (routerIP1)" and "route out2 0 0 x.x.x.x (routerIP2)".

Adding the global default route passes traffic, but then I'm only taking advantage of a small percentage of available bandwidth.

Is there any work around to get traffic from 4 private subnets routed onto 4 corresponding public networks when the only info in the routing table is comprised of direct connections or static routes.

Thanks

0 Helpful

guibarati
Level 4
Level 4
In response to ihouse205

‎10-30-2008 11:13 AM

Yes, using more then one context

0 Helpful

guibarati
Level 4
Level 4

‎10-30-2008 11:02 AM

If you are not using VPN you can configure more than one context and have different gateways to them.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card