Thanks for the reply. I have to route to the interface that connects to the internet which is the ASA at 192.168.5.5. The 3850 switch has multiple VLANs with IP routing enabled. The VLAN that works with the new ASA 5508-X is 192.168.5.0 gateway IP is 192.168.5.1 VLAN 192.168.9.0 does not get to the internet via ASA at 192.168.5.5 since I cannot configure a static route as I did on the ASA 5510.
... View more
Hi All, Looking for some assistance with an ASA routing issue. Some background: Network consists of a 3850 stack with multiple VLANs and is configured as the default gateway for all VLANs. The main workstation VLANs is 192.168.5.0 with an old ASA 5510 (8.2) connected at 192.168.5.5. 3850 gateway of last resort is 192.168.5.5 to network 0.0.0.0 3850 has a guest VLAN 192.168.9.0 The current ASA 5510 has the following static routes outside 0.0.0.0 0.0.0.0 (to our ISP assigned public IP) 1 inside 192.168.9.0 255.255.255.0 192.168.5.5 1 This works with no issues. Guest VLAN has access to the internet Now I’m working with a replacement ASA 5508-X (9.7) with firepower I configured the ASA to match the existing ASA 5510 and everything works except the VLAN 192.168.9.0 When I try to configure the same static route inside 192.168.9.0 255.255.255.0 192.168.5.5 I get the following error: [ERROR] route inside 192.168.9.0 255.255.255.0 192.168.5.5 1 Invalid next hop address 192.168.5.5 it matches our IP address What am I missing here. Is there a change between the 2 ASA versions and this is now done another way? Any insight would be appreciated. Thanks.
... View more