Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

New block of IPs and new gateway to add on ASA5505

At this time I have on my firewall the following;

Subnet; 24.222.61.x

Gateway; 24.222.61.x

Subnet Mask; 255.255.255.240

Usable IP Range; 24.222.61.x to x

 

They gave me a new outside IP Addresses and GW;

Subnet; 24.222.92.x

Gateway; 24.222.92.x

Subnet Mask; 255.255.255.224

Usable IP Range; 24.222.92.x to x

 

How do I add the new outside network to my ASA?

1 REPLY

Interfaces only support a

Interfaces only support a single IPv4 address.  If you are changing addresses, you can just redo the outside interface ip address line and any default route statement.

If you are keeping the old addresses plus adding the new ones, you have a couple of options:

  1. You could configure a second "outside" interface with a different name which used the new subnet and address.  However, there would be routing issues, so you might not like that.
  2. You could have the upstream ISP route the new subnet to your old firewall address, and use the new subnet for NAT.  This is particularly good for static inbound NAT scenarios.
  3. You could configure a new DMZ style interface for the new subnet on the inside, and also have the ISP route the new subnet to the old outside address.

I use both strategies (2) and (3) with different chunks of my own public v4 space.

-- Jim Leinweber, WI State Lab of Hygiene
 

41
Views
0
Helpful
1
Replies