mantech1
asked on
ASA 5510 with multiple internal addresses
I have an ASA 5510 that I am configuring for my network. We are breaking off from our corporate parent to run autonomously. When I make the switch, I would like to change my internal IP addressing scheme. The current scheme uses 172.x.x.x with a subnet mask of 255.255.248.0. I want to move to 10.x.x.x with a subnet of 255.255.0.0.
I will be able to change all the computers and servers at one time to the new configuration, but some of our floor equipment I cannot change. I will assign new addresses and someone else will change the addresses over the next few days (weeks). I need a solution so that my pcs can still see the equipment, and vice versa.
In my test environment, I have given the internal interface the new ip address (10.1.0.1) and a sub interface the old ip address (172.1.0.1). with a PC set up on the 10.x.x.x network, I can ping the 10 address on the ASA, but not the 172 address, and I cannot ping a device with a 172 address. When I give the PC a 172 address, I can ping the device, but I still cannot ping the 172 address on the ASA.
What I am doing wrong? Does the sub interface count as a physical interface? (I am licensed for 4.) Will I need to setup a router internally and a static route for on the ASA?
I am new to the ASA, so I am sorry if this question is simplistic.
I will be able to change all the computers and servers at one time to the new configuration, but some of our floor equipment I cannot change. I will assign new addresses and someone else will change the addresses over the next few days (weeks). I need a solution so that my pcs can still see the equipment, and vice versa.
In my test environment, I have given the internal interface the new ip address (10.1.0.1) and a sub interface the old ip address (172.1.0.1). with a PC set up on the 10.x.x.x network, I can ping the 10 address on the ASA, but not the 172 address, and I cannot ping a device with a 172 address. When I give the PC a 172 address, I can ping the device, but I still cannot ping the 172 address on the ASA.
What I am doing wrong? Does the sub interface count as a physical interface? (I am licensed for 4.) Will I need to setup a router internally and a static route for on the ASA?
I am new to the ASA, so I am sorry if this question is simplistic.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
We found another way around the issue. Thank you anyway.