cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
289
Views
0
Helpful
4
Replies

Using a ASA as a router ?

Alex Li
Level 1
Level 1

Hello All,

Attempting to use a ASA as a router !

I have two class C networks 10.0.0.0 and a 172.20.99.0 side by side in the same physical building running on separate hardware.

I have recently had a request to allow RDP sessions from the 172.20.99.X to 10.0.0.X. I installed a ASA5505 acting as a router, and it worked perfectly

for 6 hours. Then I noticed that my DHCP scopes were filling up with BAD requests. Can an ASA act as a router in such a scenario ?

 

Cheers

4 Replies 4

Reza Sharifi
Hall of Fame
Hall of Fame

Hi,

Yes, the ASA should work fine as a router.  Also, if it worked for 6 hours, than it is working.  Take a look at your DHCP server and make sure everything is configured correctly.  Have you excluded the IP address if the ASA interfaces for both subnets?

HTH

 

It also depends on the license on the ASA5505 I believe. If you haven't got the correct license you are limited to the amount of hosts that can be behind a certain zone?

This may be one of the reasons why it has stopped working?

The bad addresses would reflect that the address the dhcp server wants to lease has already been taken, therefore marking it as bad.

hth

Please rate useful posts & remember to mark any solved questions as answered. Thank you.

As Bilal says you may have hit upon a licensing limit. Run the following command :

show local-host connection | inc licensed

One way around this would be to NAT your internal network before it reaches the ASA 'inside' interface, but you'd need another router for this....and no one likes NAT!

cheers,

Seb.

 

Aaron Ratcliffe
Level 1
Level 1

As the others said check licensing for internal host , also is the ASA providing DHCP or another central server behind one interface ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco