cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
614
Views
0
Helpful
7
Replies

ASA 5505 / DHCP, Static IP, and NAT help

interknox
Level 1
Level 1

Greetings everyone!

I have an ASA 5505 and I'm having a couple of issues and I need some help with something.

First, I have a computer on the network that will not connect to the internet when I set the IP manually. If it connects to the ASA via DHCP, it works fine, but manually it fails. What can I do to fix this?

Also, this computer needs to have a few ports sent to it, to make it "open". I am using ASDM and have no clue how to get this to work. Any help would be great.

Thanks all!

7 Replies 7

husycisco
Level 7
Level 7

Hi Chris

First, let computer obtain IP from DHCP. Then Start>Run>Cmd>ipconfig /all . Note down the acquired IP address, gateway! subnetmask and DNS! addresses, and try assigning these values manually.

"Also, this computer needs to have a few ports sent to it, to make it "open". I am using ASDM and have no clue how to get this to work" please describe what you want to achieve, you want this internal IP to be reached from outside using a public IP (Port forwarding) ?

Regards

Thanks for the response! I'll try doing the manual setup via your advise. Won't DHCP mess up though?

What I need are some ports to be NAT'd to the machine I'm talking about above. I have no clue how to do this on the command line, so I use ASDM. Any help would be apprecaited!!!

No DHCP wont mess up. But my personal advise is not using Cisco DHCP, since you can not make reservations. Now you can assign the IP address that you btained from DHCP manually, and can use it without any problem untill its lease expires.

Do you have a specific public IP to be one-to-one natted to internal client or you want to use the outside interface IP?

I'd like to use the outside interface IP, as it's an ATT DSL line, without a static IP setup.

all you have to do is

static (inside,outside) tcp interface portnumber internalip portnumber netmask 255.255.255.255

access-list outside_access_in permit tcp any interface outside eq portnumber

Regards

Chris, any update?

Please do not forget to accept the comment as an answer which resolved your issue

Regards

I'll try this later on today and let you know. Sorry for the delay.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: