Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
683
Views
5
Helpful
5
Replies

ASA 5510 anti spam module issue need help

binoyjosephstanly
Level 1
Level 1

‎01-13-2007 09:43 PM - edited ‎03-11-2019 02:18 AM

hi all,

i have ASA5510 my E0 interface is having public ip and E1 is having 192.168.1.0/24 network and my DMZ E2 is 172.16.2.0/24 network.

my management interface ip address is 10.10.10.1 and ive put 10.10.10.5 for SSM module. but im not receiving the updates from net bcoz there is no connection to the internet from 10.10.10.0/24 network.

how can i do that, and ASA 5510 has got 4 ports E0,E1,E2,E3 but i can see that port E3 is activated if i chk the sh run there is no port E3.

now my issue is i would like to allow 10.10.10.0/24 to access internet to update the module.

pls help, i will rate all the posts.

Regards

Binoy.

Labels:
0 Helpful
5 Replies 5

sachinraja
Level 9
Level 9

‎01-14-2007 05:32 PM

Hello Binoy,

Do you have a router which connects to internet from your ASA box ? If so, you can do a PAT or NAT on the internet router to make sure you transform the private IPs (10.10.10.0/24) to some public IP, for internet access.. Once the NAT is done, the SSM module can receive updates from the internet..

If you need any assitance configuring NAT, u can post us back. you also need to give a route back to 10.10.10.0/24 from your router (if u do a NAT in the router).

Hope this helps..

Raj

binoyjosephstanly
Level 1
Level 1
In response to sachinraja

‎01-14-2007 10:25 PM

thanks for your reply sachin.

ive a router its 1841 a 256 kbps line. so the patch code from ssm module where should i connect.rt now im connecting it to a 8 port switch i mean the management and ssm port how should i connect this can i post the config file. pls help

0 Helpful

sachinraja
Level 9
Level 9
In response to binoyjosephstanly

‎01-14-2007 10:46 PM

Hello Binoy,

You can connect the management port of the SSM to some switch which connects on the MGT VLAN 10.10.10.0/24.. It should just be configured an IP and should be able to ping the default gateway. U can give the default gateway to a layer 3 switch. u have L3 in ur network ? You can then do a NAT on the ethernet interface of your router....

Hope this helps.. all the best.

Raj

0 Helpful

binoyjosephstanly
Level 1
Level 1
In response to sachinraja

‎01-14-2007 10:54 PM

sachin my E1 interface is 192.168.1.1/24 which is my inside and ive dmz it's 172.16.2.1/24. so for dmz and inside network ive got diff switches.and for managemnt im using a diff switch 8 port switch.

so for my inside network 192.168.1.1 is the default gateway.and for dmz 172.16.2.1 is my gateway so in this situation where can i connect my ssm module connection thats what my issue .

0 Helpful

binoyjosephstanly
Level 1
Level 1
In response to binoyjosephstanly

‎01-16-2007 08:28 PM

hi sachin

im expecting some inputs from you.

Regards

Binoy

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card