Re: [fw-wiz] Multiple routes out



Sure. Your natting will determine your routing. For example, your inside routable
addresses can be nat0 or statically mapped. Then set up static routes for
each interface/network. Then just set up your other static mappings and
routes for the other nets.

--- Original Message ---
From:"Oliver Humpage" <oliver@xxxxxxxxxxxxxxx>
Sent:Thu 6/22/06 6:05 pm
To:"Firewall Wizards Security Mailing List"
<firewall-wizards@xxxxxxxxxxxxxxxxxxxxx>
Cc:
Subj:[fw-wiz] Multiple routes out


There must be a trick to do this, but I can't figure it out... It's kind of
like routing based on source address rather than destination, but I'll
explain (will try to keep it brief).

I have two external networks coming into the building, and two corresponding
internal networks. There is a Cisco ASA5510 (with Sec+ licence, OS 7.0.4) on
the border, so essentially:

Ethernet0/0 = OutsideNet1
Ethernet0/1 = InsideNet1
Ethernet0/2 = OutsideNet2
Ethernet0/3 = InsideNet2

To make matters interesting, InsideNet1 is made of routable IPs, whereas
InsideNet2 is made of RFC1918 IPs, and hence the ASA will be static NATting
them. Don't know if that makes a difference.

So basically, anything coming in to the ASA on InsideNet1 needs to be given
to the OutsideNet1 interface, and be routed to the default route there.
Anything coming in on InsideNet2 needs to be given to OutsideNet2 interface
(and be static NATted), and go to the default route on that interface.

Any ideas how to go about configuring that? Or shall I give up now? :)

Thanks as ever,

Oliver.


--
Oliver Humpage
ICT Co-ordinator, Watershed Media Centre -- +44 (0)117 9276444

_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards