[c-nsp] asa routed public network through asa
Dan Letkeman
danletkeman at gmail.com
Sat Feb 5 11:13:39 EST 2011
Yes, I only have the /26 with a pre-existing netmask.
On Fri, Feb 4, 2011 at 9:54 PM, Jeff Kell <jeff-kell at utc.edu> wrote:
> On 2/4/2011 9:16 PM, Dan Letkeman wrote:
>> The asa is running 8.3(2), and I have a /26 from our isp to work with.
>> One of those IP's currently exists on the routed outside interface of
>> the asa.
>
> Do you have "only" that /26, and are the endpoints (yours and the ISPs)
> part of that /26 with a pre-existing netmask?
>
> You basically want to have the site-to-site (you-to-ISP) link more along
> the lines of a /30, then play with the ISP-provided /26 for NAT.
>
>
>> So I understand the part of trunking a vlan to the asa. Where i'm
>> stuck is how to add a secondary ip to a routed port on the asa(if this
>> is even possible) and how to "route" the traffic through the asa an
>> not "NAT" it.
>
> It still has to pass through the ASA. You want to NAT-exempt the piece
> you want to pass through.
>
> Jeff
>
More information about the cisco-nsp
mailing list