I have two IP ranges coming from one provider over 1 T1; both are /29s. I've recently purchased an ASA 5510 to protect the office, but can't seem to make use of the second range of IPs. I'm connecting to a Cisco 2500 router and it all works fine with no firewall.
I have the second IP of the first range as eth0/0 and the second IP of the second range as eth0/0.1.
I'm sure it has something to do with routing, but I don't know how to specify the "next hop" as I do with the router in the policy route.
I'm at my wits' end and fear that this firewall doesn't have the capabilities I was told it did (by the salesman, of course).
Yes, two ranges, and I want to use them both on the ASA. I intended to leave the 2500 in place as I don't have a T1 card for the ASA.
I've thrown together a quick network diagram of how it "should" work. Just to reiterate the original post though:
From the outside, I can ping the router just fine, but I can only ping the xxx.xxx.239.58 interface. This is because I have a default route on the ASA of xxx.xxx.239.57. There's no route for the xxx.xxx.237.0/29 network on the firewall. (Although, oddly, the router can't seem to ping the xxx.xxx.237.2 interface even though they're on the same network.)
The ASA is configured such that Eth0/0 is xxx.xxx.239.58/29 and Eth0/0.1 is xxx.xxx.237.2/29.