?
Solved

Can the ASA redirect traffic to another device on same LAN?

Posted on 2008-11-01
3
Medium Priority
?
1,650 Views
Last Modified: 2012-05-05
Imagine three devices on the inside LAN of a Cisco ASA.  And there is a remote WAN site 10.1.2.0/24.  

A  10.1.1.1 is the ASA and is the gateway to the Internet.
B   10.1.1.5 is a Cisco 2811 router with a WAN connection to another site.
C   10.1.1.100 is a workstation - say a Windows PC.

Station C has a default gateway of 10.1.1.1 and pings 10.1.2.200.  Will the ASA station A direct the packet to the 2811 station B for delivery to the remote WAN site?  Or is it the case that a packet that enters
and interface on an ASA can not come back out to another device on the LAN?  Any reference would be appreciated.  Thank-you.
0
Comment
Question by:amigan_99
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 28

Accepted Solution

by:
batry_boy earned 1000 total points
ID: 22858753
>>Station C has a default gateway of 10.1.1.1 and pings 10.1.2.200.  Will the ASA station A direct the packet to the 2811 station B for delivery to the remote WAN site?  Or is it the case that a packet that enters and interface on an ASA can not come back out to another device on the LAN?

It is the latter case.  The packet will not come back out the same interface that it entered.  There is an exception to this rule, but it is for VPN traffic only, not for the type of traffic that you are talking about.  You need a true router to perform this type of routing.  You can always set the 2811 router as your default gateway for all of the 10.1.1.x hosts, but you may not want to do this in your scenario.
0
 
LVL 1

Author Comment

by:amigan_99
ID: 22858832
Thanks batry - I seemed to recall that was the case - as you describe.  The other option I have in this case is to make the 3750 switches route in addition to switching.  I purchased enhanced image so that's likely what I will do when it's time to implement.
0
 
LVL 1

Author Closing Comment

by:amigan_99
ID: 31512367
Thank-you.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question