04-09-2014 11:18 AM - edited 03-07-2019 07:02 PM
Hello All,
Attempting to use a ASA as a router !
I have two class C networks 10.0.0.0 and a 172.20.99.0 side by side in the same physical building running on separate hardware.
I have recently had a request to allow RDP sessions from the 172.20.99.X to 10.0.0.X. I installed a ASA5505 acting as a router, and it worked perfectly
for 6 hours. Then I noticed that my DHCP scopes were filling up with BAD requests. Can an ASA act as a router in such a scenario ?
Cheers
04-09-2014 07:43 PM
Hi,
Yes, the ASA should work fine as a router. Also, if it worked for 6 hours, than it is working. Take a look at your DHCP server and make sure everything is configured correctly. Have you excluded the IP address if the ASA interfaces for both subnets?
HTH
04-10-2014 12:06 AM
It also depends on the license on the ASA5505 I believe. If you haven't got the correct license you are limited to the amount of hosts that can be behind a certain zone?
This may be one of the reasons why it has stopped working?
The bad addresses would reflect that the address the dhcp server wants to lease has already been taken, therefore marking it as bad.
hth
04-10-2014 01:36 AM
As Bilal says you may have hit upon a licensing limit. Run the following command :
show local-host connection | inc licensed
One way around this would be to NAT your internal network before it reaches the ASA 'inside' interface, but you'd need another router for this....and no one likes NAT!
cheers,
Seb.
04-10-2014 03:30 AM
As the others said check licensing for internal host , also is the ASA providing DHCP or another central server behind one interface ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide