Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA out interface ip mask /32

Hi All,

Working on configuring ASA , where the ISP assigned outside IP:20.20.20.67/32 and gateway: 20.20.20.69.

This ASA will act as regular NAT device and L2L tunnel to another location.

My question is /32 on outside is good enough tfor doing this config.

Please review and suggest.

Thank you

MS

2 REPLIES
New Member

Re: ASA out interface ip mask /32

I just tried myself.. it is not accepted on ASA5510 interface. Saying 'bad Mask'.

Thank you

MS

New Member

Re: ASA out interface ip mask /32

I suggest you double check with your ISP.

The info you have doesn't make sense.

A 32 bits subnet is a one address subnet , meaning a single host. But your outside interface needs to be in the same subnet than your default gateway. The smallest subnet possible here would be a /30 subnet, wich give 4 addresses (2 usable) .

But .67 and .69 are not part of the same /30 subnet. And .67 would be a broadcast address in a /30 ( 64-65-66-67).

So .67 and .69 can only be part of at least a /29 subnet ( 64-65-66-67-68-69-70)

But you have to verify thisa with your ISP because both devices needs to be configure with the same subnet.

363
Views
0
Helpful
2
Replies