We have recently moved a large client from a flat network structure at each site ( more than 30 total sites) and an unstructured routing plan from edge to core. They now have a structured WAN that coincides with their LAN Structure. Since we completed the transition we have noticed thousands of failed nat translations on the INSIDE of our ASA. From doing a bit a research we have narrowed these packets down to requests from hosts on the new networks requesting resources on the the old network.
I attempted to create static routes for these old networks with a gateway of loopback 0, to force the Core router to dump the packets instead of forwarding them to the default router which is my edge ASA. However I either did this wrong or I am trying to be to clever because it did not affect the packets getting through to the INSIDE of my ASA.
Does anyone out there have a better idea or can you help me understand what I did wrong with my static route? As a secondary does anybody out there have an idea or an example of how to run down all these devices that are calling old ip resources?
If I am understanding your post correctly you have some destination addresses that were part of the old network structure and they are being routed by the default route to your ASA since there is no longer a route to that network in the routing table. You attempted to configure a route for that network so that the traffic would no longer be routed to the ASA. That should be possible. Would you be able to provide some additional details (especially the specifics of the route that you attempted to configure)? If we had more specifics to work from we might be able to identify your difficulty and to suggest a solution.
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...
Attached policy provides CLI access to the Cisco 4G router over text messaging. Two files are in the attached .tar file:
2. PDF with instructions on how to load and use the .tcl file.