11-12-2008 06:42 AM - edited 03-06-2019 02:26 AM
The ASA 5505 comes with a default ip of 192.168.1.1. That is fine for a starting point, but we have expensive software authorized for a subnet of 10, so I must change the firewall to match.
The problem appears to be that it processes the changes in sequece. So when I change the Vlan1 IP to a subnet of 10, it objects because that does not match the dhcp subnet that is still 1. And when I change the dhcp subnet to 10, it obhects because the Vlan1 subnet is still 1 due to its previous objection.
So I appear to be caught in a chicken and egg situation. As you can see from this output, I have them both set to 10, and after the settup is done, it processes it all, in sequence, objecting to changes that don't match the current settup before even looking at the next settup changes:
[OK] Interface vlan1
Interface vlan1
[ERROR] ip address 192.168.10.12 255.255.255.0
Interface address is not on same subnet as DHCP pool
ip address command failed
[ERROR] dhcpd address 192.168.10.13-192.168.10.254 inside
Address range subnet 192.168.10.13 or 192.168.10.254 is not the same as inside interface subnet 192.168.1.1
[OK] write memory
--------------------------------
Anyone have an idea how to proceed ?
11-12-2008 07:53 AM
1. disable dhcp - no dhcpd enable inside
2. change interface address and mask
3. remove old dhcp pool
4. create new dhcp pool
5. enable dhcp - dhcpd enable inside
11-12-2008 11:11 AM
Thank you acomiskey.
I was careful to not enable dhcp.
I tried to go back in to visually verify that, but cannot. When I can get back in I will do the things you have specified. Right now I have to start another thread to beg for help getting back in :(
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide