Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2361
Views
0
Helpful
1
Replies

Secondary IP Addresses on ASA

sidcracker
Level 1
Level 1

‎12-03-2009 01:04 AM - edited ‎03-11-2019 09:45 AM

Hi All,

How can we add secondary IP Addresses to interfaces in ASA? What is the need for secondary addresses on an interface?

Thanks

Labels:
0 Helpful
1 Reply 1

Jon Marshall
Hall of Fame
Hall of Fame

‎12-03-2009 04:55 AM 

sidcracker wrote:
Hi All,
How can we add secondary IP Addresses to interfaces in ASA? What is the need for secondary addresses on an interface?
Thanks

You can't but then you don't really need to eg.

you have an outside interface with a public IP address. You now need some more public IPs and your ISP gives you a new /29 block of public IPs. Because they have been assigned to you the ISP will route those addresses to your ASA ie. the existing outside interface.

So to use them you do not need to physically address any other interface, you just use NAT statements eg you have al web server 192.16.5.10 that you want to present to the Internet with one of the new public IPs

static (dmz,outside) 195.17.17.10 192.168.5.10 netmask 255.255.255.255

then just add an ace in your outside acl

access-list outside_access_in permit tcp any host 195.17.17.10 192.168.5.10 eq www

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card