Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Routing Between ASA and 2811

Hi, I'm trying to successfully route traffic between two of my systems. I have 2 network both are using the ASA5520 (I've attach a diagram). I want network_A to communicate with Network_B. I've use a router in between (2811) and set an IP from network_A to F0/0 and network_B f0/1. I have a route on both ASA configured as this; for network_A's traffic coming from network_B route to F0/0 interface and vice versa. Now when I ping the other network it reply; but when I try to use telnet or the intranet on the other network it does not work. When I use the 2811 interfaces as the gateway for both hosts machine it can fully see the other network; what am I missing? Your input is much appreciated thanks.

New Member

Re: Routing Between ASA and 2811


i cant seem to download your topolgy, i think i understand what you trying to achieve.

1)Is your router in between the 2 ASA;s?

2)Is your ASA in routed or transparent mode?

3)have you configured ACL on the ASA's ?

4)please post the ASA config.


New Member

Re: Routing Between ASA and 2811

1)Yes, the router is in between both ASAs. The router bounds both networks together. It is connected to my 3750s

2)My ASA is in routed mode


4)I've attached the configurations of the 3 devices

New Member

Re: Routing Between ASA and 2811


I'm not quite clear with that what you want to achieve with this design.

If you want to telnet from Host_A to Host_B and still to have access to internet via ASA best way to do that is to leave default gateways as they are and add additional route to both hosts.


Host_A ip:

Host_A gw:

Host_B ip:

Host_B gw:

Then you add additional routes(you should modify these commands to accommodate them to your host os)

on Host_A route add

on Host_B route add

There are other ways to achieve similar functionality.

You can set router as default gateway for hosts and on router you can add routes for networks and for internet.

Also, you can setup asa with routing but then you must use same-security-traffic command to enable asa to allow that.

More on that:

Let us know if this was helpful for you.

New Member

Re: Routing Between ASA and 2811

What I want to do is to transfer file from one network to the other. The additional routes were added on the ASAs like you have stated. But not on the Host OS. Once I applied the route to the host from both network respectively it works. My previous config had the ASA inside interface as the host default-gateway and by default the ASA will not route packets on the interface it recieves it. I will give it a try to see how this turns out. If not I will use my 3750's as the host default-gateway instead of the ASA. Or add the additional route on my host. Thanks for all your help I will let you know how this turns out.

New Member

Re: Routing Between ASA and 2811


re what you put "and by default the ASA will not route packets on the interface it recieves it", that is where the same interface command come in handy