Can not route inside to DMZ for access internet

Unanswered Question
Sep 11th, 2009
User Badges:

Dear All

i would like to ask you some question about ASA 5510.

Let me tell you on interface ASA:

interface E0/0 is outside

interface E0/1 is inside

interface E0/2 is DMZ (internet)

my problem is: i cannot route on inside to DMZ ..

wheni i type route command it show as below:

HQ-ASA5510(config)# route DMZ

ERROR: Cannot add route, connected route exists

Note: i all ask bellow:

-route outside

For DMZ i don't know how to route ?

Let me how can i solve this issue?

Please see in the attach file

Best Regards,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
rechard_david Sat, 09/12/2009 - 19:13
User Badges:

Dear andrew,

The first, this device i used VPN connection (it not internet connection,just bridgh conneciton only)(int e0/0 for outside), but now i want to use internet so i have to create one more interface like DMZ on port int e0/2.

So how can i do inside can go out internet connection?

Best Regards,


rechard_david Mon, 09/14/2009 - 02:07
User Badges:

Dear all and andrew,

Any one do you have any solution?

Best Regards,


Jon Marshall Mon, 09/14/2009 - 03:13
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


Not sure what this route is meant to do -

route DMZ

that says, to get to the go out of the DMZ to

clearly that's not right. Also there is no mention of the address on your diagram.

Regardless of the above you will have to use a default route to get to the Internet so

route DMZ

If you are already using the default route and it looks like you might be ie.

"Note: i all ask bellow:

-route outside"

then you can't use that one. The default route has to be used for the Internet, unless you want to add routes for every single Internet destination !!!!

So you will have to add specific routes for your branch sites.



This Discussion