Hi

nikhilaluvila · ‎02-08-2017

Dear Team,

I have created sub interfaces on an ASA 5510,i have to route one subinterface traffic to the outside interfcae to access the internet,i tried to create the route to pass traffic from that subinterface to the outside interface.But its states that we can not create route for the interfaces.Could you please help me that how we can pass traffic to outside interface to access internet.I am new to firewall.Please help me to figure out the problem.

Julio E. Moisa · ‎02-08-2017

Hi

You should to have something like:

route OUTSIDE 0.0.0.0 0.0.0.0 150.x.x.x

Also you should enable a NAT (the configuration depends on the version 8.3+) remember to create the acccess-group for the sub-interfaces for example:

access-group INSIDE in interface inside

Could you please share your configuration o error message?

Thanks.

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

nikhilaluvila · ‎02-08-2017

Dear Juloi,

My scenario is like that we have 3 physical interfaces on firewall , Outside,Inside and Others.In the physical interface "others" we have created 3 sub interfaces.192.168.0.x,192.168.1.x,192.168.3.x.

In our case we have to give internet access to the sub interface 192.168.3.x.Currently "inside" interface have access to the "outside" which means they can access internet.

is it possible to create route for the interfaces,while trying to create route for the interfaces it states that for the same interfaces no need to create route.

I want to pass my 192.168.3.x network (which belongs to users) traffic to the "outside" interface for internet access

fIREWALL asa 5510