ASA 5510 Routing specific traffic to inside router

I have an ASA 5510, with Ethernet0 connected to the Internet via a T1 line, Ethernet1 connected to LAN1, and Ethernet2 connected to LAN2. LAN1 & LAN2 are independent, but share the Internet connection via the T1 line. On LAN2, I have another router that connects to the Internet via a Comcast line. I wish to route some of the traffic on LAN2 (10.38.77.0) to the other router on LAN2 (10.38.77.12), which is connected to the Comcast line. I have entered the following lines:

route inside2 10.11.0.0 255.255.0.0 10.38.77.12 1

route inside2 10.252.0.0 255.255.0.0 10.38.77.12 1

route inside2 172.22.6.0 255.255.255.0 10.38.77.12 1

I can trace the routes from the ASA 5510 (1st hop is to 10.38.77.12), but not from anything else on LAN2.

Any help would be appreciated.

Accepted Solutions

Can't you add persistent routes to the routing tables on the clients to push the traffic out via the Comcast router?

route -p add 10.252.0.0 mask 255.255.0.0 10.38.77.12

route -p add 10.11.0.0 mask 255.255.0.0 10.38.77.12

route -p add 172.22.0.0 mask 255.255.0.0 10.38.77.12

HTH Paul ****Please rate useful posts****
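
An added example (not part of the original posts): a Python check that compares the destination prefixes in the ASA `route` lines from the question with those in the client `route add` lines from the accepted answer, so a client route that is wider or narrower than intended is noticed before traffic takes the 10.38.77.12 path. The function names and status labels are assumptions of this example.

```python
import ipaddress

# Destinations, masks and gateway as given in the thread.
ASA_ROUTES = """\
route inside2 10.11.0.0 255.255.0.0 10.38.77.12 1
route inside2 10.252.0.0 255.255.0.0 10.38.77.12 1
route inside2 172.22.6.0 255.255.255.0 10.38.77.12 1
"""
CLIENT_ROUTES = """\
route add 10.252.0.0 mask 255.255.0.0 10.38.77.12
route add 10.11.0.0 mask 255.255.0.0 10.38.77.12
route add 172.22.0.0 mask 255.255.0.0 10.38.77.12
"""

def parse_asa(text):
    """ASA syntax: route <ifname> <dest> <mask> <gateway> [metric]."""
    out = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 5 and f[0] == "route":
            out[ipaddress.ip_network(f"{f[2]}/{f[3]}")] = ipaddress.ip_address(f[4])
    return out

def parse_windows(text):
    """Windows syntax: route [-p] add <dest> mask <mask> <gateway>."""
    out = {}
    for line in text.splitlines():
        f = [t for t in line.split() if t.lower() != "-p"]
        if len(f) >= 6 and f[:2] == ["route", "add"] and f[3].lower() == "mask":
            out[ipaddress.ip_network(f"{f[2]}/{f[4]}")] = ipaddress.ip_address(f[5])
    return out

def compare(intended, actual):
    """Map each intended prefix to (status, matching client prefix, extra addresses)."""
    report = {}
    for net, gw in intended.items():
        same_gw = [a for a, g in actual.items() if g == gw]
        wider = [a for a in same_gw if a != net and net.subnet_of(a)]
        narrower = [a for a in same_gw if a != net and a.subnet_of(net)]
        if net in same_gw:
            report[str(net)] = ("exact", str(net), 0)
        elif wider:  # client sends more destinations to the gateway than intended
            w = wider[0]
            report[str(net)] = ("wider", str(w), w.num_addresses - net.num_addresses)
        elif narrower:  # only part of the intended prefix is redirected
            report[str(net)] = ("narrower", str(narrower[0]), 0)
        else:
            report[str(net)] = ("missing", None, 0)
    return report

if __name__ == "__main__":
    for prefix, result in compare(parse_asa(ASA_ROUTES), parse_windows(CLIENT_ROUTES)).items():
        print(prefix, result)
```

On the routes in this thread it reports the two /16 prefixes as exact and the client route 172.22.0.0/16 as wider than the ASA route 172.22.6.0/24.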

Hi larry,

How is your router on LAN 2 connected to the ASA? The routes which you have specified in the ASA will redirect the reverse traffic to the router IP. It means that forward traffic from the LAN 2 subnet is going out through the ASA.

Please clarify on that so that we can sort out the exact problem.

Please do rate if the given information helps.

By

Karthik

Thanks for your reply.

The router is connected to LAN2 via a switch, NOT directly plugged into the ASA.  The ASA is also plugged into the same switch.

My goal is to have all traffic on LAN2 that is communicating with those 3 IPs go through the other router. The other router is then connected to a Comcast Internet connection, instead of the T1 Internet line that is connected directly to the ASA.

Okay, is the switch to which you have connected the router/ASA a Layer 3 switch or a Layer 2 switch? If it is a Layer 3 switch, you can do policy-based routing to redirect the traffic from the specific subnets towards the Comcast line.

Please do rate if the given information helps.

By

Karthikeyan.N

I need any connections initiated from the 10.38.77.x workstations, with destinations of 10.252.0.0/16, 10.11.0.0/16, or 172.22.6.0/16, to use the path through the Vendor VLAN Router at 10.38.77.12, through the Comcast Router.  Can I route this using commands in the ASA 5510?

Thanks very much!  That worked!

You're welcome!

HTH Paul ****Please rate useful posts****