Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1326
Views
5
Helpful
3
Replies

ASA5505: Policy Based Routing only possible if a routing protocol is enabled?

Go to solution
rherud
Level 1
Level 1

‎07-02-2019 06:18 AM - edited ‎02-21-2020 09:15 AM

Hello everybody,

I have a ASA5505 running OS rel. 9.1(7)32.

Between this ASA and the target network are two different lines, one with encryption (S2S VPN) and one MPLS line.
Depending on the source IP network I need to route that packets defferently.

The packets comming from source network A need to go though the S2S tunnel terminated on this ASA and the rest of the traffic goes over the MPLS line.

On the ASA there are no routing protocols enabled because there are not may networks to handle.

Now I want to configure PBR as like in this example:
http://resources.intenseschool.com/policy-based-routing-on-the-cisco-asa/
but when I want to 'set ip next-hop <ip-addr>' I saw this is not possible:


ASA5505(config)#
ASA5505(config)# route-map PBR4Server permit 10
ASA5505(config-route-map)# match ip address DMZ2Server
ASA5505(config-route-map)# set ?

route-map mode commands/options:
metric Set metric value for destination routing protocol
metric-type Set type of metric for destination routing protocol
ASA5505(config-route-map)# set ip next-hop ?
ERROR: % Unrecognized command

 

My questions:
1. Is it possible to configure Policy Based Routing only possible if a routing protocol is enabled?
2. If this is the case: Is there any other possibility to route to a certain target depending on the source network the packets come from (without routing protocols)?

Every hint is very welcome!


Thanks a lot!


Greatings!

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎07-03-2019 08:41 PM

Hi

PBR doesn't work on your asa 5505 because it requires version 9.4.1 minimum and this level of version isn't available for your device.
You can't achieve source based routing but playing around with nat could maybe help. Do you have a quick drawing to share? and your asa config?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

View solution in original post

3 Replies 3

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎07-03-2019 08:41 PM

Hi

PBR doesn't work on your asa 5505 because it requires version 9.4.1 minimum and this level of version isn't available for your device.
You can't achieve source based routing but playing around with nat could maybe help. Do you have a quick drawing to share? and your asa config?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Go to solution
rherud
Level 1
Level 1
In response to Francesco Molino

‎07-03-2019 10:36 PM

Hi Francesco,

 

thanks for your hint with the minimum version for PBR!

This helps me a lot!


Thanks a lot!


Greatings!

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to rherud

‎07-05-2019 08:57 PM

You're welcome

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card