DSL modem and ASA 5520

Answered Question
Sep 12th, 2010

I have a DSL modem ( Thomson) at my home and Cisco ASA 5520. Currently the modem is used for providing internet to some PC's and its getting a DHCP ip address.

So how can i configure the ASA to work with ASA ?

I want to work on some practice labs

Please can someone help.

Correct Answer by Nagaraja Thanthry about 6 years 5 months ago

Hello,


You can configure the ASA just like another PC. You can give it a static IP

in the range of DSL Modem inside address with DSL modem as the default

gateway (or you can configure the outside interface to get IP address via

DHCP with setroute option enabled). Then you can use interface IP (or any

other unused IP in the same range) for NAT. Since DSL modem will be the

default gateway, all traffic will be sent to DSL modem. DSL modem will apply

NAT again and send the traffic to the outside.


On the inside interface of the ASA, you can use whatever IP range you like

(something other than the outside IP range) and connect a workstation

directly to that interface. Make sure that the workstation points to ASA as

its default gateway. Configure NAT on the ASA so that the workstation IP

gets Natted when going out of the firewall.


Hope this helps.


Regards,


NT

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Loading.
Correct Answer
Nagaraja Thanthry Sun, 09/12/2010 - 05:35

Hello,


You can configure the ASA just like another PC. You can give it a static IP

in the range of DSL Modem inside address with DSL modem as the default

gateway (or you can configure the outside interface to get IP address via

DHCP with setroute option enabled). Then you can use interface IP (or any

other unused IP in the same range) for NAT. Since DSL modem will be the

default gateway, all traffic will be sent to DSL modem. DSL modem will apply

NAT again and send the traffic to the outside.


On the inside interface of the ASA, you can use whatever IP range you like

(something other than the outside IP range) and connect a workstation

directly to that interface. Make sure that the workstation points to ASA as

its default gateway. Configure NAT on the ASA so that the workstation IP

gets Natted when going out of the firewall.


Hope this helps.


Regards,


NT

Abdul Samir Shaikh Sun, 09/12/2010 - 07:06

Hi NT,

Thanks for your fast response.

I got the basic IP

Is it possible to make VPN,port forwarding etc..

Nagaraja Thanthry Sun, 09/12/2010 - 08:35

Hello Samir,


As long as you can do port forwarding on the DSL modem/Router, you can

configure the firewall to do VPN. The same thing applies to other port

forwarding configurations as well. You need to check the DSL Modem/Router to

make sure that it can do port forwarding.


Regards,


NT

Actions

This Discussion