cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

5275
Views
5
Helpful
4
Replies
Rajesh Hirani
Beginner

ASA /31 subnet mask

 

Does any one know the reasoning behind not allowing the ASA to accept the /31 range to be configured on the interface?

 

1 ACCEPTED SOLUTION

Accepted Solutions
nspasov
Cisco Employee

Hey guys, actually Rajesh has a valid request. Using /31 subnet masks is something that has been supported on routers for a while and is a great and valid technique to preserve IP addresses for point-to-point links. For more info check this link:

http://packetlife.net/blog/2008/jun/18/using-31-bit-subnets-on-point-point-links/

Unfortunately, this is not a feature that is currently supported on ASAs. Perhaps this will change in the future but as of the latest code /31 masks are considered invalid. 

 

Thank you for rating helpful posts!

 

View solution in original post

4 REPLIES 4
Sarbjit-2014
Beginner

Hi Rajesh,

Why would you want to use /31 on a interface its not a valid subnet ?

Hi Rajesh,

With /31 there will be only two IP address possible. One is Network Base Address and other will be  Broadcast Address. So no possible host address. Thats why any interface will not allow /31 notation.

 

HTH

"Please rate helpful posts"

nspasov
Cisco Employee

Hey guys, actually Rajesh has a valid request. Using /31 subnet masks is something that has been supported on routers for a while and is a great and valid technique to preserve IP addresses for point-to-point links. For more info check this link:

http://packetlife.net/blog/2008/jun/18/using-31-bit-subnets-on-point-point-links/

Unfortunately, this is not a feature that is currently supported on ASAs. Perhaps this will change in the future but as of the latest code /31 masks are considered invalid. 

 

Thank you for rating helpful posts!

 

View solution in original post

Mark Walters
Beginner

Hi All - Looks like this feature is supported starting with 9.7(x). thanks, Mark