03-03-2008 06:07 PM
Hi All,
Working on configuring ASA , where the ISP assigned outside IP:20.20.20.67/32 and gateway: 20.20.20.69.
This ASA will act as regular NAT device and L2L tunnel to another location.
My question is /32 on outside is good enough tfor doing this config.
Please review and suggest.
Thank you
MS
03-04-2008 06:57 AM
I just tried myself.. it is not accepted on ASA5510 interface. Saying 'bad Mask'.
Thank you
MS
03-04-2008 11:15 AM
I suggest you double check with your ISP.
The info you have doesn't make sense.
A 32 bits subnet is a one address subnet , meaning a single host. But your outside interface needs to be in the same subnet than your default gateway. The smallest subnet possible here would be a /30 subnet, wich give 4 addresses (2 usable) .
But .67 and .69 are not part of the same /30 subnet. And .67 would be a broadcast address in a /30 ( 64-65-66-67).
So .67 and .69 can only be part of at least a /29 subnet ( 64-65-66-67-68-69-70)
But you have to verify thisa with your ISP because both devices needs to be configure with the same subnet.
06-24-2018 10:03 PM
/32 mask does not make any sense.
I agree that the mask ideally should be the same in both ends, but they don't need to. The ASA does not use the broadcast address.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide