IP change with a ASA 5505

Answered Question
Aug 2nd, 2007
User Badges:

Hello


Attempting to deploy an ASA 5505 as a basic router, i have to change default IP (192.168.1.1) to a new one (192.168.3.1).


From the DSAM interface I edit with a right click my inside configuration and modify the value.


Then I valid and apply. The DSAM interface warn me about disconnection, as my IP isn't on the same subnet.


I leave the interface, i change my laptop IP and can ping the router with is new IP 192.168.3.1 but i can't open the admin interface.


After a reboot, the router IP is back to the default 192.168.1.1


Any Ideas ? thanks for answers.

Correct Answer by JORGE RODRIGUEZ about 9 years 9 months ago

you changed IPs , disconnected from fw by the change, change laptop ip and you can ping the interface, however, you never told the asa which IPs can telnet or http to the firewall for management withing the new IP/subnet change, you rebooted and old ip came back because you never saved the config.


coulple of things you could do before changing the IP.


Instruct asa to allow any IP inside your lan to access it .


This is more efective as you are not bound to a subnet.


http 0.0.0.0 0.0.0.0 inside

telnet 0.0.0.0 0.0.0.0 inside


or per subnet


http 192.168.3.0 255.255.255.0 inside

telnet 192.168.3.0 255.255.255.0 inside



Once you make the IP change get back into asa and save config.



HTH

Jorge


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
JORGE RODRIGUEZ Thu, 08/02/2007 - 04:04
User Badges:
  • Green, 3000 points or more

you changed IPs , disconnected from fw by the change, change laptop ip and you can ping the interface, however, you never told the asa which IPs can telnet or http to the firewall for management withing the new IP/subnet change, you rebooted and old ip came back because you never saved the config.


coulple of things you could do before changing the IP.


Instruct asa to allow any IP inside your lan to access it .


This is more efective as you are not bound to a subnet.


http 0.0.0.0 0.0.0.0 inside

telnet 0.0.0.0 0.0.0.0 inside


or per subnet


http 192.168.3.0 255.255.255.0 inside

telnet 192.168.3.0 255.255.255.0 inside



Once you make the IP change get back into asa and save config.



HTH

Jorge


Actions

This Discussion