Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Multiple routes out

From: "Horvath, Kevin M." <KEVIN.M.HORVATH () saic com>
Date: Thu, 22 Jun 2006 18:20:25 -0400
Sure.  Your natting will detrmine your routing.  For ex your inside routable
addresses can be nat0 or statically mapped.  Then set up static routes for
each interface/network.  Then just set up your other  static mappings and
routes for the other nets

--- Original Message ---
From:"Oliver Humpage" <oliver () watershed co uk>
Sent:Thu 6/22/06  6:05 pm
To:"Firewall Wizards Security Mailing List"
<firewall-wizards () listserv icsalabs com>
Cc:
Subj:[fw-wiz] Multiple routes out


There must be a trick to do this, but I can't figure it out... It's kind of
like routing based on source address rather than destination, but I'll
explain (will try to keep it brief).

I have two external networks coming into the building, and two corresponding
internal networks. There is a Cisco ASA5510 (with Sec+ licence, OS 7.0.4) on
the border, so essentially:

Ethernet0/0 = OutsideNet1
Ethernet0/1 = InsideNet1
Ethernet0/2 = OutsideNet2
Ethernet0/3 = InsideNet2

To make matters interesting, InsideNet1 is made of routable IPs, whereas
InsideNet2 is made of RFC1918 IPs, and hence the ASA will be static NATting
them. Don't know if that makes a difference.

So basically, anything coming in to the ASA on InsideNet1 needs to be given
to the OutsideNet1 interface, and be routed to the default route there.
Anything coming in on InsideNet2 needs to be given to OutsideNet2 interface
(and be static NATted), and go to the default route on that interface.

Any ideas how to go about configuring that? Or shall I give up now? :)

Thanks as ever,

Oliver.


-- 
Oliver Humpage
ICT Co-ordinator, Watershed Media Centre -- +44 (0)117 9276444

_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: