General question: Can I have a sub-interface on eth0/0 for two Public IP blocks?

Answered Question
Apr 21st, 2010
User Badges:

Hey guys,


I just had this request from my IT department. They are running out of public IPs and the ISP just gave them a new range (they will keep using the old range). They are using ASA 5510 as their gateway device. I am wondering if I can create a sub-interface on the ASA eth0 (however doesn't belong to any VLAN, just untagged as the main interface) and assign it another public IP (as well as another default gateway). Will this setup work? Any advice is welcome. Thank you!


Difan

Correct Answer by Panos Kampanakis about 7 years 1 week ago

It will not work.


Have the ISP send traffic destined to the new range towards you currant ASA ip address and NAT that range on the ASA's outside for inside hosts.


I hope it helps.


PK

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
Jennifer Halim Wed, 04/21/2010 - 19:07
User Badges:
  • Cisco Employee,

The best solution in your case is to route the new public range towards the current ASA outside ip address.

Correct Answer
Panos Kampanakis Wed, 04/21/2010 - 21:01
User Badges:
  • Cisco Employee,

It will not work.


Have the ISP send traffic destined to the new range towards you currant ASA ip address and NAT that range on the ASA's outside for inside hosts.


I hope it helps.


PK

Difan Zhao Thu, 04/22/2010 - 09:57
User Badges:

That's really a smart and tricky solution... I will give it a try. Thanks guys!

Actions

This Discussion