Static Entry - ASA

Answered Question
Nov 3rd, 2009

Hello,

OSPF is running between L3Switch and ASA but still need static entry on L3Switch to forward traffic to ASA.

ip route 0.0.0.0 0.0.0.0 192.168.1.10

Can someone explain why?

Correct Answer by Jon Marshall about 7 years 3 months ago

Nasr

"On ASA I have default route like this

ip route 0.0.0.0 0.0.0.0 80.11.22.33 ( ISP Router)

and internal routing via OSPF."

But have you told the ASA to send this default route to the L3 switch with the default-information originate command -

http://www.cisco.com/en/US/docs/security/asa/asa72/command/reference/d2_72.html#wp1773168

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Tue, 11/03/2009 - 12:12

Nasr

Have you configured the ASA to generate a default route and send it to the L3 switch ?

If not then you would indeed need a static route on the L3 switch assuming the ASA is for Internet connectivity.

Jon

nasr.khan Tue, 11/03/2009 - 12:43

On ASA I have default route like this

ip route 0.0.0.0 0.0.0.0 80.11.22.33 ( ISP Router)

and internal routing via OSPF.

I understand its needed on ASA to add static route for ISP Router to send all traffic on internet.

but dont understand why I need static route on L3Switch if ospf is running.

Actions

This Discussion