Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ASA/routing: inject route from NAT

Hello

ASA8.2 and ASA8.4, first one use classic nat, second ASA twice NAT.

I need to incject into ospf global outside adresses which are from NAT pools or static outside addresses.

On IOS when defining NAT pool i could add it to routing table.

How can i make something similar in ASA ?

I know i could add static routing for all of those pools/static outside addresses - and then redistribute it to ospf, but's

not nice solution, and it's prone for errors (it's easy to forgot to add static routing after adding nat rule)

Thanx

2 REPLIES
New Member

ASA/routing: inject route from NAT

use the Crypto reverse-route command.

crypto dynamic-map EZVPN 200 set reverse-route

or

crypto map VPN 10 set reverse-route

This will add the static route for the VPN networks to the ASA routing table and if you run a routing protocol on the ASA it will then add those routes. 

But keep in mind, an ASA is not a router, so it has very limited routing abilities.

New Member

ASA/routing: inject route from NAT

I do not have any VPNs on this ASA, reverse-route is just for VPNs

540
Views
0
Helpful
2
Replies
CreatePlease to create content