Greetings i have the following config below, some of the addresses are fictitious but resemble to same addresses.
I have assigned a single outside address to E0/0 and create multiple sub interfaces for various internal vlans which are hanging of E0/1
I also have a CCME router that i would like to have a public address for SIP connectivity.
Initially i had wanted to use E0/2 and assign a second outside address on the same network then assign another outside address within the same network to F0/0 on the CCME router which would in turn connect to E0/2 on the ASA so i that i wouldn't have to NAT any traffic but still have the ASA in-between.
Now unfortunately ive just realised that i cant have overlapping networks on the ASA.
ip address 220.127.116.11 255.255.255.240
no ip address
ip address 172.29.255.1 255.255.255.0
ip address 172.28.255.1 255.255.255.0
ip address 172.27.255.1 255.255.255.0
ip address 172.26.255.1 255.255.255.0
ip address 172.25.255.1 255.255.255.0
ip address 172.30.255.1 255.255.255.0
Is there a way to still provide the the CCME router with a public address whilst keeping the asa in between the two?
You can configure a static NAT translation through the ASA to give the CCME router a public address. To do so, address the F0/0 interface of the CCME router with an inside address such as 172.28.255.2 (assuming this is on VLAN 102). Then on the ASA, configure a static NAT translation with the following command:
nat (telcovoice, outside) 18.104.22.168 172.28.255.2 netmask 255.255.255.255
Also you must do a "clear xlate" command to reset your translations and put the new NAT statement into production.
What this does is make the ASA listen to requests on 22.214.171.124 and forward them back to the inside address of 172.28.255.2. To allow traffic through the ASA to the CCME router you will also have to permit whatever traffic you need with an access-list on the outside interface.
Hope this helps.