I have a client of my that contracted with some RFID company in CA to setup up the HQ ASA and 11 5505
they set up VPN to site to site on all sites back to HQ.
now that i am there the client want to add another 2 web server on the inside of the fire wall so i email the RFID company and they have been giving me carp. i have setup my firewall at the house (PIX515 with v8.04) with 5 ip address. the RFID compay said they they will have to reboot the ASA5510 and he could not put another ip on the interface. well i said ok but i just what i want to do NATing and emailed him the command that he would work but gave more crap. this time he said the VPN would break. i think the RFID company contracted a cisco person that know the ASA and they dont want to change the over all config.
so basicaly i would like to have someone help me convince the president of my client to go my way. smipley I think i would be better to use a domain name without PAT. my client has 16 IPs and the RFID dude only wants to use one.