How do I change subnet on an ASA 5505 ?

MyersEngineering.com · ‎11-12-2008

The ASA 5505 comes with a default ip of 192.168.1.1. That is fine for a starting point, but we have expensive software authorized for a subnet of 10, so I must change the firewall to match.

The problem appears to be that it processes the changes in sequece. So when I change the Vlan1 IP to a subnet of 10, it objects because that does not match the dhcp subnet that is still 1. And when I change the dhcp subnet to 10, it obhects because the Vlan1 subnet is still 1 due to its previous objection.

So I appear to be caught in a chicken and egg situation. As you can see from this output, I have them both set to 10, and after the settup is done, it processes it all, in sequence, objecting to changes that don't match the current settup before even looking at the next settup changes:

[OK] Interface vlan1

Interface vlan1

[ERROR] ip address 192.168.10.12 255.255.255.0

Interface address is not on same subnet as DHCP pool

ip address command failed

[ERROR] dhcpd address 192.168.10.13-192.168.10.254 inside

Address range subnet 192.168.10.13 or 192.168.10.254 is not the same as inside interface subnet 192.168.1.1

[OK] write memory

--------------------------------

Anyone have an idea how to proceed ?

acomiskey · ‎11-12-2008

1. disable dhcp - no dhcpd enable inside

2. change interface address and mask

3. remove old dhcp pool

4. create new dhcp pool

5. enable dhcp - dhcpd enable inside

MyersEngineering.com · ‎11-12-2008

Thank you acomiskey.

I was careful to not enable dhcp.

I tried to go back in to visually verify that, but cannot. When I can get back in I will do the things you have specified. Right now I have to start another thread to beg for help getting back in :(