Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Change ASA Firewall Address

When I go through the ASDM manager and change the IP address of the ASA5505 unit and write to memory I get an error. Is there a way to do this via the console port? Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

Re: Change ASA Firewall Address

go to enable mode and issue

no dhcpd address 192.168.1.2-192.168.1.33 inside

then configure the vlan to re-ip the interface after that is done go back to placing back dhcp pool for your inside network using your new IP subnet information, follow the pool format you removed for the IP range.

19 REPLIES
New Member

Re: Change ASA Firewall Address

1. Connect to the ASA

2. Enter Configuration mode

3. Enter the interface type and number

4. Enter the new ip address

5. Save configuration

This will look as follows, were x is ip address and y is mask:

asa(conf)# int e0

asa(conf-if)# ip address x.x.x.x y.y.y.y

Re: Change ASA Firewall Address

New Member

Re: Change ASA Firewall Address

Here is what I typed

enable

p/w

config t

int e0 and I get and error "% Incomplete Command"

TIA

Re: Change ASA Firewall Address

please post " show interface " or follow the link I posted for complete CLI syntax.

New Member

Re: Change ASA Firewall Address

My example said e0, your ASA likely has a different interface type / number, once you determine what that is and enter it in place of my example you should be fine.

A sh run or sh interface will provide that information for you

Re: Change ASA Firewall Address

I agree with Whisper, his example script with int e0 should have worked !

New Member

Re: Change ASA Firewall Address

when I type sh run I get

Ethernet0/0 - Ethernet0/8

Re: Change ASA Firewall Address

are you sure you have an ASA,

do " show version " and post info.

New Member

Re: Change ASA Firewall Address

ASA 8.0(2)

Device Mgr 6.0(2)

ASA5505

Re: Change ASA Firewall Address

Go to this link, you actually have to configure the ip in VLAN1 and/or VLAN2 instead of the physcal inetertace as this comes as default configuration for the 5505s

so you would do

config t

interface vlan#

http://www.cisco.com/en/US/docs/security/asa/asa80/getting_started/asa5505/quick/guide/setup.html#wpxref79743

Defaults

Two VLANs: VLAN 1 and VLAN2

?VLAN 1 has the following properties:

?Named "inside"

?Allocated switch ports Ethernet 0/1 through Ethernet 0/7

?Security level of 100

?Allocated switch ports Ethernet 0/1 through 0/7

?IP address of 192.168.1.1 255.255.255.0

?VLAN2 has the following properties:

?Named "outside"

?Allocated switch port Ethernet 0/0

?Security level of 0

?Configured to obtain its IP address using DHCP

New Member

Re: Change ASA Firewall Address

So after I type interface vlan1

I type ip address x.x.x.x y.y.y.y and I get an error "interface address is not on the same subnet as DHCP pool" should I disable DHCP and if so how?

New Member

Re: Change ASA Firewall Address

Well there you go, your ASA has interfaces labelled as ethernet 0/0 and so forth :-)

New Member

Re: Change ASA Firewall Address

I can get to Ethernet0/0 then when I type

ip address x.x.x.x y.y.y.y I get an Error "This can only be configured on VLAN devices"

Re: Change ASA Firewall Address

see my previous post.

configure the ip addresses through VLAN#

your inside vlan is VLAN1 and VLAN2 is your outside.

config t

interface vlan1

ip address x.x.x.x MASK

New Member

Re: Change ASA Firewall Address

I did that and thats when I get the Error "Interface Address is not on the subnet as your DHCP Pool". I believe my subnet is 255.255.255.255 is there a way to check?

Re: Change ASA Firewall Address

do this, if you are connected via console through hyperterminal do a capture-text from the terminal , do show run and save the file as config.txt ..then paste or attach the whole confiuration here.. to take a look at it.. we will need to remove the default dhcp pool configuration in order for you to configure the interface.. thats why it wil not take a different IP block because it does not match the default dhcp pool.

New Member

Re: Change ASA Firewall Address

Ok here is the file.

Re: Change ASA Firewall Address

go to enable mode and issue

no dhcpd address 192.168.1.2-192.168.1.33 inside

then configure the vlan to re-ip the interface after that is done go back to placing back dhcp pool for your inside network using your new IP subnet information, follow the pool format you removed for the IP range.

Re: Change ASA Firewall Address

Dennis, thanks for the ratings..

Also rememenber to save configuration every time you make changes at the command line by issuing " write mem " , by not doing so your config will be lost when you reboot the firewall.

Thanks

Jorge

215
Views
0
Helpful
19
Replies
CreatePlease to create content