Do somebody now how to configure the ASA 5500 with "Directed Broadcast" for Wake of lan from other networksegment. we want pass traffic from 192.168.10.0 network to 192.168.100.0 DMZ Network to turn on the server with Wake on Lan.
I read something about "Static NAT" but how do i make this one?
The Static NAT command creates a fixed translation of the real address to the mapped address. This command can be used in order to assign a single public IP address to the single local IP address.
Static NAT Example:
hostname(config)#static (inside,outside) 192.168.201.12 10.1.1.3 netmask 255.255.255.255
This command maps an inside IP address (10.1.1.3) to an outside IP address (192.168.201.12).
In routed mode, device is working at layer 3. By default, any layer 3 device will block broadcast. However,you are looking to pass WOL (Wake on LAN) which uses "directed broadcast" through ASA. This is different from normal broadcast traffic.
IP defines a directed broadcast address for each physical network as all ones in the host ID part of the address. The network ID and the subnet ID must be valid network and subnet values. When a packet is sent to a
network's broadcast address, a single copy travels to the network, and then the packet is sent to every host on that network or subnetwork. For example, in a 192.168.1.0/24 network, directed broadcast IP address is 192.168.1.255.
In 6.x versions we used to pass directed broadcast traffic through PIX.
However, this changed in 7.x.
Later a defect was filed do revert back the behavior to pass directed broadcast through ASA/PIX
If you are running any of the latest codes then you should be able to pass "directed" broadcast through ASA.
If this is not working for you, please get "show tech" and "syslogs+captures" of the failing traffic and let us know.
Is there any configuration required on ASA to pass this type of traffic considering the example which you just spoke off?