Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

How can ASA route packets that come in and out on the same interface?

Hi all,

How can I configure the ASA5520 to route packets that come in and out on the same interface? I’ve more than 1 network behind the ASA appliance. It’s separated by internal router. They can’t communicate for each other.

I’ve seen this is problem by design of PIX. Does it also apply to the ASA platform?

Please advice.

Thanks,

Nitass

1 ACCEPTED SOLUTION

Accepted Solutions
Gold

Re: How can ASA route packets that come in and out on the same i

this golden rule remains unchange. the only exception is with vpn traffic. e.g asa (or pix v7) would act as a hub to rediect vpn traffic between two spokes.

regarding your issue.

internet <--> asa <--> lan 1 <--> router <--> lan 2

assuming host at lan 1 has asa as the default gateway, even asa has a static route point to the internal router for lan 2, the golden rule will reject this operation.

one workaround is to re-configure the dhcp scope of lan 1 and make the internal router as the default gateway; and the internal router has the asa as the default gateway.

2 REPLIES
Gold

Re: How can ASA route packets that come in and out on the same i

this golden rule remains unchange. the only exception is with vpn traffic. e.g asa (or pix v7) would act as a hub to rediect vpn traffic between two spokes.

regarding your issue.

internet <--> asa <--> lan 1 <--> router <--> lan 2

assuming host at lan 1 has asa as the default gateway, even asa has a static route point to the internal router for lan 2, the golden rule will reject this operation.

one workaround is to re-configure the dhcp scope of lan 1 and make the internal router as the default gateway; and the internal router has the asa as the default gateway.

New Member

Re: How can ASA route packets that come in and out on the same i

Ok, I see. Thanks for your help.

Have a nice day,

Nitass

153
Views
0
Helpful
2
Replies