Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

515E ip address inside x.x.x.x

Lets say for example....my 515E config looks like such...

nameif ethernet1 inside security100

ip address inside 199.199.199.1 255.255.255.0

interface ethernet1 auto

static (inside,outside) 199.199.199.0 199.199.199.0 netmask 255.255.255.0 0 0

And I change it to this

nameif ethernet1 inside security100

ip address inside 200.200.200.1 255.255.255.0

interface ethernet1 auto

static (inside,outside) 200.200.200.0 200.200.200.0 netmask 255.255.255.0 0 0

Basically just changing the static mappings and IP address of the internal interface. My questions is. Will this affect any of my rules. I do not think it will but I wanted to check.

Routing would have to change but other than that.

Thanks

4 REPLIES

Re: 515E ip address inside x.x.x.x

Your acls will have to change as well. If they reference the IP, you will need to remove the acl and re-apply with the new IPs. Other than routing and acls, you are good.

Hope it helps.

Steve

New Member

Re: 515E ip address inside x.x.x.x

But if the acl looks like such why does it have to be touched

access-list acl_in permit tcp any 199.199.199.45 eq 22

and there is a new route for the 199.199.199.0 network to 200.200.200.0 then does it really matter the acl is just one more hop away

Re: 515E ip address inside x.x.x.x

The static command creates a permanent mapping between a local IP address and a global IP address. Use the static and access-list commands when you are accessing an interface of a higher security level from an interface of a lower security level. It doesn't have anything to do with routing. Your 199.199.199.0 network is seen on the outside as 199.199.199.0, it's not being NAT'ed to a new IP. So if your acl is allowing access to 199.x.x.x but your static is 200.x.x.x, no one can access 200.x.x.x.

Steve

New Member

Re: 515E ip address inside x.x.x.x

You are correct, Thanks for the input,

96
Views
0
Helpful
4
Replies
CreatePlease to create content