12-15-2011 12:29 AM - edited 03-04-2019 02:38 PM
Hi there,
following configuration scenario:
if 0: 192.168.100.0/23
if 1: outside1 network
if 2: outside2 network
is there a way to split the routing the following way:
192.168.100.0/24 -> using outside1 as gateway (no problem, thats fine using default route)
192.168.101.0/24 -> using outside2 as gateway (paket trace says its still using default route)
thx for any help
the config:
interface Vlan1
description Intranet
nameif inside
security-level 100
ip address 192.168.100.1 255.255.254.0
!
interface Vlan2
description Internet interoute
nameif outside
security-level 0
ip address IP_210 255.255.255.240
!
interface Vlan13
description Internet Netcologne
nameif Netcologne
security-level 100
ip address 192.168.0.100 255.255.255.0
!
...
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
switchport access vlan 3
!
interface Ethernet0/3
switchport access vlan 13
!
...
global (outside) 1 interface
global (Netcologne) 2 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 0 access-list inside_nat0_outbound_1 outside
nat (inside) 1 internal-network 255.255.254.0
nat (phones) 0 access-list phones_nat0_outbound_1
nat (phones) 0 access-list phones_nat0_outbound outside
nat (phones) 1 0.0.0.0 0.0.0.0
...
access-group inside_access_in_1 in interface inside control-plane
access-group inside_access_in in interface inside
access-group inside_access_out out interface inside
access-group outside_access_in in interface outside
...
route outside 0.0.0.0 0.0.0.0 Default_GW_interroute 1
route Netcologne 0.0.0.0 0.0.0.0 Default_GW_netcologne 2
12-15-2011 12:44 AM
This require policy based routing to be done and you need a router to get it done
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_qanda_item09186a00805b87d8.shtml#supportfeat
Hope this help
If helpful rate
Sent from Cisco Technical Support iPhone App
Sent from Cisco Technical Support iPhone App
12-15-2011 01:13 AM
the route policys i can add on the asa is not enough?
12-15-2011 01:42 AM
Hi,
you can't do Policy-based routing on the ASA.
Regards.
Alain
12-15-2011 01:47 AM
but i can add them on telnet:
route-map netcologne permit 10
match ip address netcologne
match interface Netcologne
set metric 2
!
12-15-2011 02:11 AM
Hi,
where is this route-map applied and what is the ACL netcologne ?
Regards.
Alain
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: