Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
968
Views
0
Helpful
2
Replies

ASA Dynamic Routing and Static NAT

Go to solution
Chuan Liu
Level 1
Level 1

‎12-11-2011 06:13 PM - edited ‎03-11-2019 03:01 PM

Hi,

I have a ASA5510 with 2 internal interfaces (inside1 and inside2 same security level) configured with OSPF for dynamic routing with 2 routers to corporate subnets. I have a server in a private subnet that needs to be accessed from Internet. So static pat is used in ASA with the command

static (inside1, outside) tcp interface www 192.168.1.1 www netmask 255.255.255.255

As OSPF is in use, the subnet 192.168.1.0/24 may be reachable from interface inside2. When I tried to configure the static command for inside2,

static (inside2, outside) tcp interface www 192.168.1.1 www netmask 255.255.255.255

the error message came out "WARNING: mapped-address conflict with existing static...". Is this just a warning, or this is not possible in ASA.

Thanks.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ajay chauhan
Level 7
Level 7

‎12-11-2011 11:04 PM

This is not possible routing for subnet 192.168.1.0/24 will only point to one interface  inside1 or inside 2. Thats the reason error msg is coming.

In ASA when we configure route we need to tell outgoing interface for ex.

route inside x.x.x.x x.x.x.x

So while configuring 2nd command of yours makes ASA confusing what would be the outgoing interface for this traffic.

Thanks

Ajay

View solution in original post

0 Helpful
2 Replies 2

Go to solution
ajay chauhan
Level 7
Level 7

‎12-11-2011 11:04 PM

This is not possible routing for subnet 192.168.1.0/24 will only point to one interface  inside1 or inside 2. Thats the reason error msg is coming.

In ASA when we configure route we need to tell outgoing interface for ex.

route inside x.x.x.x x.x.x.x

So while configuring 2nd command of yours makes ASA confusing what would be the outgoing interface for this traffic.

Thanks

Ajay

0 Helpful

Go to solution
Chuan Liu
Level 1
Level 1
In response to ajay chauhan

‎12-12-2011 11:30 AM

Thanks Ajay,

Then what is the point of having dynamic routing capability in ASA?

Regards.

Chuan

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card