To route traffic to a nonconnected host or network, you must define a static route to the host or network
or, at a minimum, a default route for any networks to which the ASA is not directly connected; for
example, when there is a router between a network and the ASA.

Without a static or default route defined, traffic to nonconnected hosts or networks generates the
following syslog message:

%ASA-6-110001: No route to dest_address from source_address

Multiple context mode does not support dynamic routing,

You might want to use static routes in single context mode in the following cases:

•

Your networks use a different router discovery protocol from EIGRP, RIP, or OSPF.

•

Your network is small and you can easily manage static routes.

•

You do not want the traffic or CPU overhead associated with routing protocols.

The simplest option is to configure a default route to send all traffic to an upstream router, relying on the
router to route the traffic for you. However, in some cases the default gateway might not be able to reach
the destination network, so you must also configure more specific static routes. For example, if the
default gateway is outside, then the default route cannot direct traffic to any inside networks that are not
directly connected to the ASA.

In transparent firewall mode, for traffic that originates on the ASA and is destined for a nondirectly
connected network, you need to configure either a default route or static routes so the ASA knows out
of which interface to send traffic. Traffic that originates on the ASA might include communications to a

Advertising

This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands

Popular manuals