Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DSL/PPPoE w/ Static IP on ASA5505


I'm relatively new to Cisco devices, and I'm very thankful for everyone's help on these forums.

I'm going to be deploying an ASA5505 next week at a site office to replace an old Symantec SGS1600. The location is using a DSL connection and the SGS1600 was set up for that connection using PPPoE. We're going to be setting up a Site-to-Site VPN between our ASA5505 here and the new one there, and it seemed like that would all go easier if they had a static IP, so I inquired about that and gathered that we've had a static IP all along and never realized it (unfortunately, I wasn't involved in setting that up). So I had a few questions:

1. I've never set up an ASA5505 for DSL/PPPoE, and when I configured our ASA5505 here (which is just a straight-up static ethernet connection behind a router provided by our ISP), I pretty much did it using Wizards and the ASDM, so I'm not really a configuration file expert at all. Is the DSL/PPPoE setup something that'll just be an option in doing a basic configuration through the ASDM, or is there something more complex involved in that setup?

2. Despite the static IP option on the account, the SGS1600 has been set up to get its IP via DHCP this whole time. Should I have the ASDM grab it dynamically as well, or should I just set it up as if it were a rather static IP that I'd assigned myself? (I mean, when I go to set up the S2S VPN, I'll know the IP that it's grabbing in terms of setting this all up on the other end, but will that complicate the VPN setup if the outside interface is grabbing its IP over DHCP?)

3. Otherwise, this deployment should be completely "usual" -- we just want a S2S VPN blindly tunneling everything destined for our two locations and then everything else allowed outbound to the internet directly and nothing allowed inbound. Are there any other gotchas or things I should be keeping in mind for this?

CreatePlease login to create content