ASA 5505 setup with Netopia router in Bridge Mode , Internet is not accessable.
Hello, I am trying to add a firewall ASA5505 between netopia 3347 router and my LAN. My connection is like this (LAN --- ASA5505---NETOIPA--- INTERNET). DSL is provided by AT&T. I have 5 static IP addresses. Netopia router is working in PPPoE mode and I have assigned the Last static IP in the LAN side of the netopia router. (DHCP and Wireless disabled in the Netopia).
In the ASA5505 WAN side I have given the first usable IP address and LAN side 192.168.1.0 series. I can access Internet in this configuration,how ever when I check whatismyipaddress.com, it shows the IP address of netopia router (this is the default gateway for ASA), not my firewall WAN address. With out my firewall WAN address users are not able to access VPN from outside.
So I thought to changeed Netopia router in to bridge mode, then Internet is not accessable. But I can access/reach the netoipa router. I called AT&T DSL support to fix the bridge mode issue, he says it the problem of firewall issue.
1) Is there any problem with my setup or configuration?
2) Is this the way it should work?
3) Is there any special configuration required in the ASA firewall when it work with netopia and PPPoE.
Re: ASA 5505 setup with Netopia router in Bridge Mode , Internet
No problem that I see.
If you set the router in bridge mode, then the ASA will have the public IP and you can terminate the VPNs on the ASA.
As well you can NAT on the ASA to allow internet access.
If the router is not in bridge mode and keeps the public IP, then if the router supports redirection, you can create a rule to redirect VPN traffic to the private IP of the WAN side of the ASA (still can terminate the VPNs on the ASA in this way).
In this scenario, NATing will be done on the router.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :