09-02-2017 08:55 AM - edited 02-21-2020 06:16 AM
Hello, need help in deleting static route to outside interface. New to ASA, I picked up a asa firewall for a home lab and it is behind a ARRIS NVG599. I have set my outside interface to obtain an IP Address from DCHP on network 192.168.1.0. I have my Inside interface configured to support 10.1.1.0 network but cannot ping from a machine connected to the inside interface to a machine on the outside interface. My thought process was to create a static route to 192.168.1.254 but that did not work. So now I'm thinking to set a static route to the IP Address that the outside interface has which is 192.168.1.111 but I cannot delete the current static route which is 0 0 192.168.1.254. So how can I delete the current static route?
Solved! Go to Solution.
09-02-2017 03:32 PM
Thank you, that seems to have worked. Thank you so much
Another question any Ideas of how to NAT behind an ARRIS
NVG599. I tried using the example below but it did not work. Also, I cannot ping from the 10. network to a 192. network.
The following example configures dynamic NAT that hides 192.168.2.0 network behind a range of outside addresses 10.2.2.1 through 10.2.2.10:
|
09-02-2017 01:32 PM
Try this:
clear configure route
09-02-2017 03:32 PM
Thank you, that seems to have worked. Thank you so much
Another question any Ideas of how to NAT behind an ARRIS
NVG599. I tried using the example below but it did not work. Also, I cannot ping from the 10. network to a 192. network.
The following example configures dynamic NAT that hides 192.168.2.0 network behind a range of outside addresses 10.2.2.1 through 10.2.2.10:
|
09-02-2017 04:57 PM
09-02-2017 04:59 PM
Don't follow.
What about Arris? Can you put a draw? Or explain better your environment?
Sure we can help.
09-17-2017 01:10 PM
09-02-2017 03:33 PM
09-03-2017 08:10 PM
Ping is not generally a good test as is it not inspected by default when passing through an ASA. You need to add 'inspect icmp' to the default class-map for the ASA to keep track of the ping (icmp echo request) packets and allow the echo replies.
Generally I try to test using a tcp-based connection like ssh, telnet or http.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide