Help: How to choose egress interface by the internal source IP in ASA5520?

Hi there,
I'm using ASA 5520: ASA ver 8.4(4)1, ASDM ver 6.4(9), firewall mode: Routed.
There are 2 WAN Interfaces for this ASA: Port 0/3 named 100M; Port 0/0 named Outside.
One LAN interface is Port 0/1 (10.1.0.0/16) There are 2 groups of users, which can be diffentiate by their IP addresses.
UserGroup A: 10.1.6.0/24; UserGroup B is all other LAN users, 10.1.0.0/16, except 10.1.6.0/24.
I'd like to route the Internet traffic as below:
When A accesses Internet, traffic goes thru Port 0/3.
When B accesses Internet, traffic goes thru Port 0/1.
I can't set static-route by checking their source IP, I can't set policy based routing either.
How can this be achieved in my ASA5520?
Thanks,
Tony

Hi,
I guess you need to use a separate router to do the PBR on the basis of the public NAT IP address (and then choose the correct gateway) of the users or build something on the LAN side in the sameway
I guess you could also separate the users on different LAN networks and change the ASA to run in multiple context mode and create different firewall context for both LAN networks (I think every ASA has a license that permits 2 context (admin context isnt counted into this), you can check it with "show version" command). Then again this option would eliminate the use of VPN. (Though L2L VPN are supposedly coming available in multiple context mode later)
Something tells me though that the second option would simply mean too much work or if you are using VPN on the ASA it would mean you would need separate VPN device.
- Jouni

Similar Messages

  • How to bring ISQLPLUS interface on the browser ...

    how to bring ISQLPLUS interface on the browser ...plz give me the full path ,..
    my machine name is " mallick786 "

    Goto the Install directory on your Oracle installed directory and have a look at the 'readme' file. You will find all the info you wanted.
    Regards.

  • Please help : How to print a matrix from the console...

    Hi..
    Please help:
    How to print a matrix on the console , but i want to take all the input from the console.. like...
    if the matrix is of size...
    mxn
    where
    m : row
    n : column
    and the all the elements of the matrix from the console it self... .
    Please help...

    Thanks...
    I am able to print the elements of the array but i am not able to assign those values to the array ....
    How to do that...
    I just did a little change in my code...
    import java.util.Scanner;
    public class CreatingAMatrix {
        public static void main(String[] args) {
         // TODO Auto-generated method stub
         System.out.print("Enter the number of rows: ");
         Scanner scanner1 = new Scanner(System.in);
         int m = scanner1.nextInt();
         System.out.print("Enter the number of coulmns:");
         Scanner scanner2 = new Scanner(System.in);
         int n = scanner2.nextInt();
         System.out.println("The size of the matrix is : " +m+" x "+n );
         int[][] a = new int[100][100];
         for(int i=0;i<=m;i++)
             for(int j =0; j <= n; j++)
              Scanner scanner3 = new Scanner(System.in);
              int o = scanner3.nextInt();
             System.out.println();
         for(int i=0;i<=m;i++)
             for(int j =0; j <= n; j++)
              System.out.print(a[i][j] + "\t");
             System.out.println();
    }I am getting an output as this
    output:
    Enter the number of rows: 2
    Enter the number of coulmns:1
    The size of the matrix is : 2 x 1
    1
    2
    1
    2
    3
    5
    0     0     
    0     0     
    0     0     
    how should i assig those input values to my array..
    Please help

  • My ipad2 is asking old id password, when i go to forget password link for that id then I am not getting any mail to reset the same. Please help how can i remove or change the old id.

    my ipad2 is asking old id password, when i go to forget password link for that id then I am not getting any mail to reset the same. Please help how can i remove or change the old id.

    You cannot remove or change the old ID. This is Find My iPhone Activation Lock. You need to recover the credentials for the Apple ID originally used to activate the iPad.
    Check your spam and junk folders.

  • Please help-how can I find accents on the keyboard when typing in French?

    Please help.How can I find accents on the keyboard when typing in french?Thanks

    You can also open the Keyboard Viewer & hold Option key & Shift+Option to see...
    Option key...
    Shift+Option or alt key...

  • How to submit a report ,Passing the internal tables from parent report

    How to submit a report ,Passing the internal tables from the parent report ?

    The SUBMIT statement executes a report from within a report. i.e. you could have a drill-down which
    calls another report. Can only execute reports of type '1'.
    *Code used to execute a report
    SUBMIT Zreport.
    *Code used to populate 'select-options' & execute report
    DATA: seltab type table of rsparams,
          seltab_wa like line of seltab.
      seltab_wa-selname = 'PNPPERNR'.
      seltab_wa-sign    = 'I'.
      seltab_wa-option  = 'EQ'.
    load each personnel number accessed from the structure into
    parameters to be used in the report
      loop at pnppernr.
        seltab_wa-low = pnppernr-low.
        append seltab_wa to seltab.
      endloop.
      SUBMIT zreport with selection-table seltab
                                    via selection-screen.
    *Code used to populate 'parameters' & execute report
    SUBMIT zreport with p_param1 = 'value'
                    with p_param2 = 'value'.
    Other additions for SUBMIT
    *Submit report and return to current program afterwards
    SUBMIT zreport AND RETURN.
    *Submit report via its own selection screen
    SUBMIT zreport VIA SELECTION-SCREEN.
    *Submit report using selection screen variant
    SUBMIT zreport USING SELECTION-SET 'VARIANT1'.
    *Submit report but export resultant list to memory, rather than
    *it being displayed on screen
    SUBMIT zreport EXPORTING LIST TO MEMORY.
    Once report has finished and control has returned to calling
    program, use function modules LIST_FROM_MEMORY, WRITE_LIST and
    DISPLAY_LIST to retrieve and display report.
    *Example Code (Retrieving list from memory)
    DATA  BEGIN OF itab_list OCCURS 0.
            INCLUDE STRUCTURE abaplist.
    DATA  END OF itab_list.
    DATA: BEGIN OF vlist OCCURS 0,
            filler1(01)   TYPE c,
            field1(06)    TYPE c,
            filler(08)    TYPE c,
            field2(10)    TYPE c,
            filler3(01)   TYPE c,
            field3(10)    TYPE c,
            filler4(01)   TYPE c,
            field4(3)     TYPE c,
            filler5(02)   TYPE c,
            field5(15)    TYPE c,
            filler6(02)   TYPE c,
            field6(30)    TYPE c,
            filler7(43)   TYPE c,
            field7(10)    TYPE c,
          END OF vlist.
    SUBMIT zreport EXPORTING LIST TO MEMORY.
    CALL FUNCTION 'LIST_FROM_MEMORY'
      TABLES
        listobject = itab_list
      EXCEPTIONS
        not_found  = 4
        OTHERS     = 8.
    CALL FUNCTION 'LIST_TO_ASCI'
      EXPORTING
        list_index         = -1
      TABLES
        listasci           = vlist
        listobject         = itab_list
      EXCEPTIONS
        empty_list         = 1
        list_index_invalid = 2
        OTHERS             = 3.
    IF sy-subrc NE '0'.
      WRITE:/ 'LIST_TO_ASCI error !! ', sy-subrc.
    ENDIF.
    Submit report as job
    *Submit report as job(i.e. in background)
    data: jobname like tbtcjob-jobname value
                                 ' TRANSFER TRANSLATION'.
    data: jobcount like tbtcjob-jobcount,
          host like msxxlist-host.
    data: begin of starttime.
            include structure tbtcstrt.
    data: end of starttime.
    data: starttimeimmediate like btch0000-char1.
    Job open
      call function 'JOB_OPEN'
           exporting
                delanfrep        = ' '
                jobgroup         = ' '
                jobname          = jobname
                sdlstrtdt        = sy-datum
                sdlstrttm        = sy-uzeit
           importing
                jobcount         = jobcount
           exceptions
                cant_create_job  = 01
                invalid_job_data = 02
                jobname_missing  = 03.
      if sy-subrc ne 0.
                                           "error processing
      endif.
    Insert process into job
    SUBMIT zreport and return
                    with p_param1 = 'value'
                    with p_param2 = 'value'
                    user sy-uname
                    via job jobname
                    number jobcount.
      if sy-subrc > 0.
                                           "error processing
      endif.
    Close job
      starttime-sdlstrtdt = sy-datum + 1.
      starttime-sdlstrttm = '220000'.
      call function 'JOB_CLOSE'
           exporting
                event_id             = starttime-eventid
                event_param          = starttime-eventparm
                event_periodic       = starttime-periodic
                jobcount             = jobcount
                jobname              = jobname
                laststrtdt           = starttime-laststrtdt
                laststrttm           = starttime-laststrttm
                prddays              = 1
                prdhours             = 0
                prdmins              = 0
                prdmonths            = 0
                prdweeks             = 0
                sdlstrtdt            = starttime-sdlstrtdt
                sdlstrttm            = starttime-sdlstrttm
                strtimmed            = starttimeimmediate
                targetsystem         = host
           exceptions
                cant_start_immediate = 01
                invalid_startdate    = 02
                jobname_missing      = 03
                job_close_failed     = 04
                job_nosteps          = 05
                job_notex            = 06
                lock_failed          = 07
                others               = 99.
      if sy-subrc eq 0.
                                           "error processing
      endif.

  • How do I turn off/on the internal antenna in order to connect an external antenna

    MacBook Pro, 10.9.1, Mavericks, retina display --- 2 questions
    How do I turn off/on the internal antenna in order to connectand use an external antenna.  Second question, I mistakenly installed the wrong driver for the external antenna, How do I uninstall it?

    Log onto icloud.com on a computer and see if you can turn it off on there.

  • Pls, how i can delete one of the international keyboards?

    Pls, how i can delete one of the international keyboards?

    You can remove one or more of the keyboards that you've selected via the Edit button at the top right of Settings > General > Keyboards > International Keyboards (the Edit button will be greyed out when there is only one keyboard left selected)

  • In Iproc : The system could not determine the internal source for item

    We faced the following error in the Iprocurement
    The system could not determine the internal source for item.
    kindly note that the item is :
    - customer ordered
    - customer ordered Enabled
    - Shippable
    -Internal Ordered
    -internal ordered enabled
    - OE Transactable
    - assigned to a valid organisation
    -assigned to mapped category
    - Assignment Set is Created  +Profile option
    -profile options for internally sourced is set to yes
    If there is any missing or set please let me know
    , best regards
    Tareq

    hi Kartik
    Please check whether your company is opted for " business area financial statments" in financial account- global setting of company code. If yes and you want to continue please maintain business area for the plant and material dvision combination under the transaction cde OVF0.
    Hope this will solve your problem.

  • How to create an interface if the class has a nested class

    I have the following class
    public class SampleImport{
    public SampleResult import (InputSource xml) {
    SampleResult sampleResult = new SampleResult();
              //do something
              return sampleResult;
    public static class SampleResult {
              public final String sampleName;
              public SampleResult (String s) {
                   sampleName = s;
    I would like to create an interface for this class for teh following method signature 'SampleResult import(InputSource(xml))', how would I create it ?
    Any help is appreciated,
    TIA,

    public interface Nameable {
        String getName();
    public interface Importable {
        Nameable importSource (InputSource xml);
    public class SampleImport implements Importable {
        @Override public SampleResult importSource (InputSource xml) {
            SampleResult sampleResult = new SampleResult("foo");
            //do something
            return sampleResult;
        public static class SampleResult implements Nameable {
            public final String sampleName;
            public SampleResult (String s) {
                sampleName = s;
            @Override public String getName() {
                return sampleName;
    }edit: er, you do know import is a keyword?

  • How to use multiple Interfaces for the same BS?

    Hi @ ,
    Is it possible to have a scenarion where i am using multiple interfaces in the same BS based upon some conditional field in the message.
    I amnot able to get the solution I know with condition editor I can have multiple receivers but in my scenarion based upon message fiels i have to decide which BAPI to be used and wht mapping and then post it to the same System
    Any help will be highly rewarded
    Regards

    Hi-
    Yes it is possible you can use multimapping for mapping the interfaces.
    To know more about multimapping see
    http://help.sap.com/saphelp_nw04/helpdata/en/21/6faf35c2d74295a3cb97f6f3ccf43c/content.htm
    Some more helpful links
    /people/jin.shin/blog/2006/02/07/multi-mapping-without-bpm--yes-it146s-possible

  • HELP - how do you save pictures through the recovery mode?

    How do you save pictures through the recovery mode.  I have the black screen with cursor and despite trying all the tips noted here nothing seems to fix the issue.  These have included using Utility disk to re-install OS-X, repairing the disks.  Also tried the holding shift on start up and entering username and password.  Also tried internet recovery and then repair and re-install.  Nothing works!
    Happy to restore from a back up, but I have been rubbish and not backed up for a long time.  Also happy to delete and re-install completely but don't want to loose pics.
    Please let me know any suggestions!!

    bemsley wrote:
    Is it possible to attach an external drive and copy across files through the utility function?
    That requires that you can boot the MBP. 
    Or to boot the mac using the time machine back up?
    You can try using startup manager:
    http://support.apple.com/kb/ht1310
    But you still need a working volume where you can install the backed up data.
    The good news is that since you have a Time machine backup, you can transfer that data to another Mac or clone:
    http://pondini.org/OSX/Setup.html
    Ciao.

  • How and where can I get the hotjava source code?

    Hello.
    I would like to get the hotjava source code..
    How and where can I have it?
    Thanks for your help.

    Ah, Lion manuals are online only.  I'll have to wait until I get my MBP then.  I hope that works for Apple?  But it won't stop me from asking some questions.
    Is there a great deal of difference between Leopard and Lion?

  • How to upload XML file into the internal table in Webdynpro  ABAP ?

    Hi Friends,
    I am not able to upload the XML file into ABAP,can you please help me in solving this issue with the help of source code.
    Regards
    Dinesh

    Hi Dinesh,
    Try go through this program which I had developed earlier. It takes as input an XML file and then breaks it down into name-value pairs of an intrnal table. You need to pass an XML file as input to this program. (I had hard coded the path for my XML file in it. You need to replace it with 1 of your own or you can just delete it and use the browse button to selet the file on your PC)
    Regards,
    Uday
    REPORT  ZUDAY_XML no standard page heading.
    " Internal table to store the XML file in binary mode
    data: begin of it_xml occurs 1,
            c(255) type x,
          end of it_xml,
    " Name-value pairs table rturned by FM SMUM_XML_PARSE
          it_SMUM_XMLTB type SMUM_XMLTB occurs 0 with header line,
    " Table returned by FM SMUM_XML_PARSE for error handling
          it_bapiret2 type bapiret2 occurs 0 with header line.
    " XSTRING variable to be used by FM SCMS_BINARY_TO_XSTRING to hold the XML file in XSTRING format
    data: I_xstring type xstring, 
    " String variable to hold XML file path to pass to GUI_UPLOAD
          I_file_path type string,
    " Variable to store the size of the uploaded binary XML file
          I_LENGTH TYPE I VALUE 0.
    parameters: P_path type IBIPPARMS-PATH default 'C:\Documents and Settings\c5104398\Desktop\flights.xml'.
    " Get the XML file path from the user
    at selection-screen on value-request for P_path.
      CALL FUNCTION 'F4_FILENAME'
        IMPORTING
          FILE_NAME = P_PATH.

  • I have been using LR5 on a Mac mini. The LR was installed on an external drive. Now I would like to use Smart Previews on my Internal drive to take advantage of the speed. When I make previews they go to originals. How can I put them on the internal drive

    when started with LR 5 on my Mac I used advise from Adobe's LR5 book, I installed  it on an external drive, processing originals was a little slow so I decided to make smart previews on my internal drive to get faster processing. However the smart previews hook up with the originals and so there is no advantage just a bigger file. Is there anyway when I make the previews stay on the internal drive or am I locked in with the current setup. I can find no LR5 folders on the internal drive.
    Thanks,
    John Sr.

    Are you doing a lot of spot removal or brushing?
    This doesn't sound like a disk drive issue at all. Once Lightroom reads the file from the disk, and you are editing, the disk plays no further role. Using a faster disk drive here will not make the slightest difference.
    So, I would check your graphics drivers to see if they are up to date. I would also temporarily disable your virus checker and firewall.
    How much memory does your computer have? What CPU do you have?
    How big (in megapixels, not megabytes) are the photos you are editing?

Maybe you are looking for

  • Create Package while transporting a process chain

    I want to transport a process chain but while doing so it is asking for "package" name. I do not have authorization to tcode SE21 to create a Package. I checked with ABAPer and he also does not have access to SE21. Is it mandatory to transport a proc

  • I CAN'T INSTALL FINAL CUT PRO 3 ON MY NEW INTEL IMAC, HELP!!!

    I'm trying to install FINAL CUT PRO 3 onto my new iMac but can't. It reads the disk but then says, "Original disk needed for install." I have the original disk, I own a registered copy of the program, so I'm stuck.

  • How can i put a logo in the lower right hand corner of a video?

    You like like a TV show like NBC, CBS, or ABC, in the lower corner, and its kinda clear (transparent). How can i do this on iMovie?

  • How to move page from One workspace to another workspace

    I have a production web site in one workspace and a development web site in another workspace. I want to move a page(not all) from production workspace to development workspace. How to achieve it? Thanks for your help.

  • FCE claims media offline, but it's not

    I opened up my project today and noticed that two of the video clips on the Timeline have turned black with the red stripe across the middle that says "Media Offline." Both of these clips were derived from a single clip in the Browser, and that clip