cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1069
Views
10
Helpful
6
Replies

Disabling Proxy-ARPs on Cisco ASA's outside interface prevents going outside

zolfaghar
Level 1
Level 1

Hi there,

While I disable Proxy-ARPs on Cisco ASA's outside interface, no connection to outside (Internet) can be established.

ASA model is 5540 (version 8.4(1)) and default route to ISP is configured statically.

Note: NATs are done in the ASA and ASA is connected directly to ISP.

Sincerely

6 Replies 6

Philip D'Ath
VIP Alumni
VIP Alumni

If the default gateway is definitely correct, make sure the subnet mask is correct.

The default gateway and your outside IP address must be in the same subnet.

Dear Philip,

First I have to express my thanks for your reply,

The default gateway and outside IP address are in the same subnet. Is the problem can be related to NATs or ACLs in the ASA?

It can't be ACLs. It could be NAT.

Abstract topology is attached.

(What issue on ASA NATs can lead default route to be ignored?)

You really want to avoid dual connected servers like that.  You could just as easily have an asymmetric routing issue.

Could you explain a little more?