Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
436
Views
0
Helpful
3
Replies

How to Route Access-Group to Different Gateway

thenicktownsend
Level 1
Level 1

‎04-25-2018 06:03 AM - edited ‎02-21-2020 07:40 AM

I need to change the way a Public Wifi Vlan routes out of my Cisco ASA 5515. Here is the current config

 

access-group Public-WiFi-IN in interface Public-WiFi
route Outside 0.0.0.0 0.0.0.0 120.22.12.125 1 
route Inside 10.0.0.0 255.0.0.0 172.31.254.65 1

 

If I change line 2 to: route Outside 0.0.0.0 0.0.0.0 10.99.3.50 1, will this change the way the traffic routes?

 

Thank you in advance, help is appreciated. 

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-25-2018 06:34 AM

We need a bit more information to answer your question properly.

 

Generally speaking, a single context ASA only has one active default route at a given time. If you want your Public wifi subnet to use a different public IP address or upstream gateway, it might have to go out via some other device instead of the ASA.

0 Helpful

thenicktownsend
Level 1
Level 1
In response to Marvin Rhoads

‎04-25-2018 06:36 AM

That is the plan. I want to send all of the Public-Wifi traffic to a different FW which has its own WAN connections. What other information would you need? 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to thenicktownsend

‎04-25-2018 06:41 AM

Then set a different default gateway for the WLC so that it sends the public wif clients' decapsulated CAPWAP traffic (assuming you're not doing wireless FlexConnect which you normally wouldn't for public wifi) out to that other firewall.

 

The non-public ASA should not have anything to do with the Public wifi traffic abd associated subnet.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card