Solved

asa config

Posted on 2013-11-08
4
424 Views
Last Modified: 2013-11-08
I updated my firewall 5505 version and edited the config from the old version to new version. I just noticed that new version outside route is .142 and the old version outside route is .141 - while the outside interface is .142

I thought the route outside has to look at the outside interface, so how was it working in the old version? I might have made a typing error on the new versionand should have put .141


new version is:
object network obj_any
 nat (inside,outside) dynamic interface
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 75.22.180.142 1

old version is:
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 75.22.180.141 1

the outside interface is:
75.22.180.142
0
Comment
Question by:tolinrome
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
4 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 39634096
?

The Route Outside command points to the IP address of the ROUTER supplied by your ISP it DOES NOT point to the outside interface IP address.

If you think yours DID then your are incorrect, or the config you are looking at is incorrect (or has been changed).

Traffic would never go outbound if the ASA looked at itself for its default route.


PL
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 39634103
And OLD and NEW (i.e. pre and post version 8.3) the route command has not changed.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 39634107
>>route outside 0.0.0.0 0.0.0.0  75.22.180.142 1

If your outside IP is 75.22.180.142 then the above was NOT your route stement
0
 
LVL 7

Author Closing Comment

by:tolinrome
ID: 39634732
yes, that was the problem. thanks.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many of the companies I’ve worked with have embraced cloud solutions due to their desire to “get out of the datacenter business.” The ability to achieve better security and availability, and the speed with which they are able to deploy, is far grea…
Powerful tools can do wonders, but only in the right hands.  Nowhere is this more obvious than with the cloud.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question