Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

asa interface assignments

I have two public ip ranges from the isp that I’m assigning to my asa 5512.  One range is a /29 and the other range is a /26.  I’ve assigned the /29 as nameif outside and the /26 as nameif inside.  Are there any anamolies with this design.  I’m wondering if it would be better to assign the /29 as outside and use a private range for inside and then translate that to the /26.  It is currently working way it is but I’m wondering about whether it is worth changing it.  Thanks

2 REPLIES
Community Member

Are you using the /26 public

Are you using the /26 public address space on your internal network?

Generally, the inside is going to be your private IP space and you use the /26 for public facing services on a DMZ and for outbound NAT purposes.

Hall of Fame Super Gold

I would agree that the usual

I would agree that the usual approach is to use the /26 for address translation without assigning it to an interface or to use it in a DMZ. But if it is working ok currently assigned to the inside interface then it might not be worth changing it.

 

HTH

 

Rick

51
Views
0
Helpful
2
Replies
CreatePlease to create content