ASA 5510 & Comcast Ethernet


I have the following situation, and not sure if the ASA can do this or not?

We have just ordered Comcast Ethernet [Fiber] service. They'll be installing a managed switch [Layer 2]. They'll be handing off an IP of x.x.138.114/30 to one of our devices. They're requiring a Layer 3 device [Router or Switch]. They have given us a range of IP's to use for internal servers, etc. of x.x.139.1/27.

So, the questions I have are:

  1. Can the ASA 5510 do both sets of IP's, or do I need another device between their provided switch and the ASA?
  2. Can I simply assign the x.x.138.114/30 to the Outside interface, and add static routes for the x.x.139.1/27 to the ASA's routing table?

Thanks in advance!


1. Yes it can

2. Yes, configure the /30 on the outside interface. You don't need to enter x.x.139.1/27 in the routing table. That address space is being routed down to you from your ISP. When you create your NAT's from the /27 address space the ASA knows that it is on the outside (via your NAT statement) and will respond to ARP's.

Hope it helps.

Collin, thanks very much! I was close to buying a router to put in between, but looks like I'm all set...

Thanks again!

