Jon Marshall Mon, 10/05/2009 - 09:38
"It seems that I can use the default route for both inside and outside network reachability"

Do you mean have them both at the same time ? If so not a good idea as the ASA will not know which default route applies to which traffic. You can have multiple default routes (up to 3) but they should all point out the same interface.


kicharle Mon, 10/05/2009 - 20:53
With two default routes, it will load balance.

Try to ping a device through outside interface, I think, you will get alternate success and failure.

Saurabh Kishore Tue, 10/06/2009 - 16:45
Hi Patrick,

What IOS version are you running on the firewall?

from what i know, this cannot be configured on the firewall. even if you try to add the second default route you should get an error.

pixfirewall(config)# route outside 0 0

pixfirewall(config)# route inside 0 0

ERROR: Cannot add route entry, possible conflict with existing routes

pixfirewall(config)# sh run route

route outside 1

So you can see clearly the the firewall will not let you enter the second default route.

The best possible solution to this will be to enter specific static routes on the firewall for your inside networks.


