Chapter 9 Configuring Ip Routing; Configuring Static And Default Routes - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Configuring IP Routing
This chapter describes how to configure IP routing on the security appliance. This chapter includes the
following sections:
•
•
•
•
•
Configuring Static and Default Routes
This section describes how to configure static and default routes on the security appliance.
Multiple context mode does not support dynamic routing, so you must use static routes for any networks
to which the security appliance is not directly connected; for example, when there is a router between a
network and the security appliance.
You might want to use static routes in single context mode in the following cases:
•
•
•
The simplest option is to configure a default route to send all traffic to an upstream router, relying on the
router to route the traffic for you. However, in some cases the default gateway might not be able to reach
the destination network, so you must also configure more specific static routes. For example, if the
default gateway is outside, then the default route cannot direct traffic to any inside networks that are not
directly connected to the security appliance.
In transparent firewall mode, for traffic that originates on the security appliance and is destined for a
non-directly connected network, you need to configure either a default route or static routes so the
security appliance knows out of which interface to send traffic. Traffic that originates on the security
appliance might include communications to a syslog server, Websense or N2H2 server, or AAA server.
If you have servers that cannot all be reached through a single default route, then you must configure
static routes.
The security appliance supports up to three equal cost routes on the same interface for load balancing.
OL-10088-01
Configuring Static and Default Routes, page 9-1
Defining Route Maps, page 9-6
Configuring OSPF, page 9-7
Configuring RIP, page 9-19
The Routing Table, page 9-22
Your networks use a different router discovery protocol from RIP or OSPF.
Your network is small and you can easily manage static routes.
You do not want the traffic or CPU overhead associated with routing protocols.
C H A P T E R
Cisco Security Appliance Command Line Configuration Guide
9
9-1
Advertisement
Table of Contents
Troubleshooting
