We have a network that has an interface on our ASA. This network will be moving to a new location and will now be connected to one of our regular layer 3 switches. What needs to be done on the ASA to disable this network and allow the correct routes to be in the ASA to allow access from the new location?
Well if you have the network configured on one of your interfaces then you naturally need to configure a new network for that link and take this into account in the "route" configurations on the ASA and in the "ip route" configurations on the other devices forwarding traffic to it.
There will probably be some other configurations that need to be changed to use the new interface network/subnet also depending on if the interface just links to another router or if its directly connected to a host network through a switched network.
You would remove any access-lists and NAT rules that reference the interface and then unconfigure it completely (remove the nameif, ip address, security level assigned and, if monitoring as part of an HA pair, the monitor command).
Once the ASA no longer knows about the network as connected, you would need to check your existing routing processes or static route statements to ensure reachability of the network.
If you could provide the configuration we could provide more explicit instructions.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :