Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco 5505 Base with 2 x external Networks on different ranges.

Hi Guys.

I have a ISP that is providing us with 2 networks 63.xxx.xxx.xxx/29 and 212.xxx.xxx.xxx/29 using a cisco router.
That router is connected to a 5505 with a base license. The setup would be:
0/0 Router to firewall 212.xxx.xxx.xxx
0/1 Firewall to local network switch 0/1 10.2.4.1 .....
Attached to the local network I have a couple of servers that use Nat to get the ext ip address.
For some reason the NAT on the 63.xxx.xxx.xxx network is not working, If I try to create it, the server will loose connectivity with the outside.

If I setup a server with a static ip using the 63 network behind the firewall it wont work (without the NAT that is supposed to be handled by the ISP switch), if i plug it straight to the switch it works .


The only way I have been able to get it working was to setup a secondary 5505 with the 63.xxx.xxx.xxx network and connect it as follows.

ISP RoUTER -- Switch ---2 x Cisco 5505 (connected with a site to site VPN ) one of them with the 63 and the other one with the 212 network.


I have the same config working on 5510 without any problems, might it be a license issue?

 

Thanks.

1 REPLY
Cisco Employee

Hello; On the router, you can

Hello;

 

On the router, you can put a host route for the IP address 63.x.x.x pointing to the 212 address of the ASA? I believe that is what you are missing.

 

Configuration example.

ASA nat (inside,outside) source static 10.2.4.2 63.1.1.2 

On the router:

ip route 63.1.1.2 255.255.255.255 212.1.1.2 (assuming 1.2 is the firewall)

 

That would do the trick.

Mike

 

Mike
41
Views
5
Helpful
1
Replies
CreatePlease login to create content