Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
484
Views
0
Helpful
2
Replies

Multiple Outside Networks ASA - 1 Outside Interface

Go to solution
cceykovsky
Level 1
Level 1

‎11-10-2008 08:50 AM - edited ‎02-21-2020 03:05 AM

Scenario Example:

Site A 20.0.0.0 (Primary)

Site B 30.0.0.0 (Primary)

Greetings,

From a routing point of view with 2 routers at each site and advertisements via BGP I don't see this being a problem. We'll advertise both networks at each site. However, primarily only site A will get 20.0.0.0 traffic and site B will get 30.0.0.0 traffic. No problems there with NAT and so forth.

What I don't know how to handle at the moment is if say site B fails and site A starts receiving 30.0.0.0 traffic. There will be just a single link between site A's router and firewall, with the 20.x.x.x network. Any recommendations how site A can receive 30.0.0.0 seamlessly if site B were to fail? (from an ASA/NAT Point of view)

Thank you

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎11-10-2008 09:32 AM

Chris

Is it safe to assume that your ASA has a route to the 30.0.0.0 network from it's inside interface ?

If so

static (inside,outside) 30.0.0.0 30.0.0.0 netmask 255.0.0.0

as long as traffic for 30.0.0.0 is then routed to the outside interface of site A firewall it can then accept this traffic and forward it on internally.

If i have misunderstood let me know.

Jon

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎11-10-2008 09:32 AM

Chris

Is it safe to assume that your ASA has a route to the 30.0.0.0 network from it's inside interface ?

If so

static (inside,outside) 30.0.0.0 30.0.0.0 netmask 255.0.0.0

as long as traffic for 30.0.0.0 is then routed to the outside interface of site A firewall it can then accept this traffic and forward it on internally.

If i have misunderstood let me know.

Jon

0 Helpful

Go to solution
cceykovsky
Level 1
Level 1
In response to Jon Marshall

‎11-18-2008 02:51 PM

Hey Jon,

I think you hit it right on the head and I got that information elsewhere. Apolgize for responding so late, but thank you for the response.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card