Solved

asa config

Posted on 2013-11-08
4
412 Views
Last Modified: 2013-11-08
I updated my firewall 5505 version and edited the config from the old version to new version. I just noticed that new version outside route is .142 and the old version outside route is .141 - while the outside interface is .142

I thought the route outside has to look at the outside interface, so how was it working in the old version? I might have made a typing error on the new versionand should have put .141


new version is:
object network obj_any
 nat (inside,outside) dynamic interface
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 75.22.180.142 1

old version is:
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 75.22.180.141 1

the outside interface is:
75.22.180.142
0
Comment
Question by:tolinrome
  • 3
4 Comments
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 39634096
?

The Route Outside command points to the IP address of the ROUTER supplied by your ISP it DOES NOT point to the outside interface IP address.

If you think yours DID then your are incorrect, or the config you are looking at is incorrect (or has been changed).

Traffic would never go outbound if the ASA looked at itself for its default route.


PL
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 39634103
And OLD and NEW (i.e. pre and post version 8.3) the route command has not changed.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 39634107
>>route outside 0.0.0.0 0.0.0.0  75.22.180.142 1

If your outside IP is 75.22.180.142 then the above was NOT your route stement
0
 
LVL 7

Author Closing Comment

by:tolinrome
ID: 39634732
yes, that was the problem. thanks.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now