Default Route
To abstain the charge to use changeless avenue entries for every accessible destination network, a absence avenue identifies
the absence aperture abode for forwarding packets for destination network(s) not absolutely begin in the routing
table. Absence routes are put to best use in topologies area acquirements all or added specific networks is not
desirable, as in the case of butt networks, or networks with alone a distinct articulation abutting to the alien network
(or Internet). A absence avenue is artlessly a changeless avenue (with a destination address/mask brace of 0.0.0.0/0) that is
configured application the aforementioned avenue command acclimated to ascertain changeless routes and is usually aimed against the
external arrangement on the alfresco interface.
The Security Appliance has the adequacy to ascertain a abstracted absence avenue for encrypted cartage forth with the
standard absence route. Use the tunneled advantage in a absence avenue account to ascertain a abstracted gateway
address for forwarding all encrypted traffic. The tunneled advantage does not abutment assorted equal-cost path
routes. Archetype 6-5 shows a Security Appliance configured with two absence routes, one for the non-encrypted
traffic and addition for encrypted traffic. Non-encrypted cartage for which there is no changeless or dynamically learned
route is forwarded to aperture 209.165.201.1. Encrypted cartage for which there is no changeless or dynamically
learned avenue is forwarded to aperture 209.165.201.2.
Example 6-5. Configuring Abstracted Absence Routes for Encrypted and Non-Encrypted Traffic
hostname(config)# avenue alfresco 0.0.0.0 0.0.0.0 209.165.201.1
hostname(config)# avenue alfresco 0.0.0.0 0.0.0.0 209.165.201.2 tunneled
Figure 6-8 shows an archetype to configure a changeless and absence route. A absence avenue is configured to accelerate all
traffic to the upstream accessory on the alfresco interface. Arrangement A and Arrangement B are nonconnected networks;
hence, two changeless routes are created that accelerate cartage destined for Arrangement A (172.16.1.0/24) to the downstream
router (10.1.1.2) that is affiliated to the central interface, and for Arrangement B (192.168.1.0/24) to the
downstream router (10.1.2.2) affiliated to the DMZ interface.
Figure 6-8. Configuring a Changeless and Absence Route