Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Reverse Routing

Hi below i am enclosing basic view of my network.

I configured Nat Exemption in my ASA 5520

nat (inside) 0 172.20.0.0 255.255.0.0

route in ASA as

route outside 0.0.0.0 0.0.0.0 122.x.x.33 1

route inside 172.0.0.0 255.0.0.0 172.x.x.1 1

and configured PAT over my 2801 router inside interface where there is a route as follows

ip route 0.0.0.0 0.0.0.0 122.x.x.50

ip route 172.16.0.0 255.240.0.0 122.x.x.44

and my doubt is i want to configure PAT over my ASA 5520 and remove NAT in 2801 router how can i change the ROute commands in both ASA and Router

Please Help me in this regard

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Reverse Routing

As far as i see, you do not need to change any route's commands.

however you may remove

ip route 172.16.0.0 255.240.0.0 122.x.x.44

as the firewall outside and router inside are directly connected, which consideration i made after reading the following statement "configured PAT over my 2801 router *inside* interface"

Keeping the route wouldn't cause any problem anyway.

Remember to Rate me if helpful.

2 REPLIES

Re: Reverse Routing

On the 2801 router :-

remove the IP NAT statements and also remove

ip route 172.16.0.0 255.240.0.0 122.x.x.44

On the ASA box (to PAT with the outside interface IP): -

no nat (inside) 0 172.20.0.0 255.255.0.0

nat (inside) 10 172.20.0.0 255.255.0.0

global(outside) 10 interface

Hope this helps.

New Member

Re: Reverse Routing

As far as i see, you do not need to change any route's commands.

however you may remove

ip route 172.16.0.0 255.240.0.0 122.x.x.44

as the firewall outside and router inside are directly connected, which consideration i made after reading the following statement "configured PAT over my 2801 router *inside* interface"

Keeping the route wouldn't cause any problem anyway.

Remember to Rate me if helpful.

268
Views
0
Helpful
2
Replies