Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

STATIC ROUTES ON ASA

Hi All,

BACKGROUND

We have configured an ASA for dual WAN redundancy using SLA monitors, ISP1 is a dynamic IP address with Virgin media, and ISP2 (failover) has a static IP address.

PROBLEM

When we try to configure the static routes we need the default gateway or "next hop" address, but with the primary connection this changes if the IP address changes. So, our question for all you experts is how do we get around this issue??

As always help greatly appreciated.

Regards,

1 ACCEPTED SOLUTION

Accepted Solutions
Purple

STATIC ROUTES ON ASA

Hi,

taken from here:http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/route_static.html

hostname(config)# interface phy_if

hostname(config-if)# dhcp client route 
track track_id

hostname(config-if)# ip addresss dhcp 
setroute

hostname(config-if)# exit

Regards

Alain

Don't forget to rate helpful posts.
4 REPLIES
Purple

STATIC ROUTES ON ASA

Hi,

Your default gateway is static it is your IP adress which is dynamic.

Regards

Alain

Don't forget to rate helpful posts.

Don't forget to rate helpful posts.
New Member

Re: STATIC ROUTES ON ASA

Hi Alain,

Thanks for reply. Yes, thats what we thought but we understand from Virgin media that the gateway address can also change with a change of IP address. (DHCP). My understanding is that most ISPs will have several gateway addresses to provide resilience, but no matter what IP address is assigned through DHCP (Dynamic) the chosen gateway address should always work provided that the specific network is available. We have obtained the gateway address assigned from the "show route" output.

Any more thoughts??

Purple

STATIC ROUTES ON ASA

Hi,

taken from here:http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/route_static.html

hostname(config)# interface phy_if

hostname(config-if)# dhcp client route 
track track_id

hostname(config-if)# ip addresss dhcp 
setroute

hostname(config-if)# exit

Regards

Alain

Don't forget to rate helpful posts.
New Member

Re: STATIC ROUTES ON ASA

Hi Alain,

Thanks for your input and apologies for our late reply we had to Lab this up and have been a little busy in the last day or so.

Anyway, yes this has fixed the problem although complicated slightly by the fact that our Customer has multiple VPNs terminating on the ASA. We also spoke with our ISPs and they both confirmed that they operate a pool of IP addresses as gateways that should be reachable from any connection to their network irrespective of what the public IP address assigned maybe on the end user site.

Thanks again for your help I have marked correct answer.

Regards,

168
Views
0
Helpful
4
Replies