Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

asa 5540 vpn ip addressing quesiton

i'd like to change the outside address that my 5540 listens on for our ipsec vpn clients, where exactly do i change this?  perhaps in nat rules (tcp 1000?) we have a /29 and i'd like to replace our pix that is serving as our vpn and would love to reuse that address so there is no config changes.



Maybe you can ask Cisco CCIE

Maybe you can ask Cisco CCIE for help. If you don't know much about Cisco ASA 5540 firewall, maybe this can help you.

New Member

ok thanks, i'm somewhat

ok thanks, i'm somewhat familiar with the pix / asa firewalls as i have set ours up and manage it, but i thought this was the best place to put this!  





Hi mgraham99, You change the

Hi mgraham99,


You change the nat rule that associated with particular public address on which that service request come on for protocol 'esp' and 'ah'.


Hope that helps.



Rizwan Rafeek


New Member

Rizwan, i actually figured it

Rizwan, i actually figured it out today.  


this is how i fixed it. 


re created all VPN rules, new tunnel address range, and shut down the old pix.  right after that i changed the outside global address of the 5540 to the pix global and everything transitioned smoothly!