ASA 5505 Need help with Configuration

Unanswered Question
Feb 26th, 2014
User Badges:

Ok I just purchased a 5505.  I am plugging the ASA directly into my DSL Modem. I have a static IP address 71.

29.95.9 that the router is configured with. The DSL Modem connects through PPPOE connection.


First question: Should I configure the Outside interface of ASA with this IP address of 71.29.95.9? Can the ourside interface have the same IP as the Router?

Second: When i let DHCP configure Outside interface, I get the Outside interface to get a 10.1.1.114, which is really the inside interface of my network. I can ping 8.8.8.8 and the Default gateway also. The last resort of the ASA is 10.1.1.100, which is the LAN address of the DSL Modem.

The problem is I want to have VLAN1 to be on the 10.1.1.0 network and the outside to be on a differnt network.


I also want my onsite DHCP and DNS server to handle requests on the internal network also, thoughts on this?

Currently my default gateway for my internal network is 10.1.1.100


I can post a running config if needed. Any help would be appreciated.


Thanks,

Jeremy                

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Maykol Rojas Mon, 03/03/2014 - 08:35
User Badges:
  • Cisco Employee,
  • Participante Destacado,

    Mejor Publicación, Diciembre del 2015

Hi Jeremy;

Well this is an issue. First it would be better to get the info from your ISP. Per your explanation they expect that you connect via DHCP and have your inside network being addressed differently. From there u can run all the services that you want on ur internal network as u want.

The reason that u want 10.1.1.0/24 is because u like it? :) or is there something else? Because other thing that you can do is to call them and have them change the internal network of the DSL.

Hope it helps.
Mike


Sent from Cisco Technical Support Android App

jkryworuchko Tue, 03/04/2014 - 04:39
User Badges:

Thanks for the reply. Ok, the last network admin had the 10.1.1.0 network setup, We have an internal DHCP server that passes out that class of IP's.  I just don't undserdand why DHCP on my Outside port is picking up an internal IP address instead of an external IP it is like the DHCP is picking up IP address from internal DHCP server instead of from the ISP WAN. I know that the router connects VIA PPPOE to the internet. I try to give my outside interface configured via PPPOE with not luck, still can access the internet. When I connect with DHCP I get an 10.1.1.1.74 IP and can access the internet.


I don't feel like changing my IP scheme an my internal network to make this work. I want 10.1.1.0 to stay the internel network and the outside interface to be the 71.29.95.9 address?


My question is, can my router have the same IP as the outside interface of the ASA?

Maykol Rojas Tue, 03/04/2014 - 10:19
User Badges:
  • Cisco Employee,
  • Participante Destacado,

    Mejor Publicación, Diciembre del 2015

It could also be that both are handling the same scheme for DHCP, or that everything is connected on the same Vlan.


To answer your question, no, it is not possible.

If you plug a cable direclty to the modem to the ASA and having the firewall to accept a DHCP address, what do you get?



Mike

jkryworuchko Wed, 03/05/2014 - 04:32
User Badges:

When I do what you suggested I pull a 10.1.1.74 address. I want the internal interface to be pulling IP addresses from my DHCP server, which I think this outside interface is pulling from. When I look at DHCP server I can see the IP address 10.1.1.74 and it is named ASA so I know the address is coming from my DHCP server on the external interface.

Actions

This Discussion