ASA 5510 with multiple internal addresses

I have an ASA 5510 that I am configuring for my network.  We are breaking off from our corporate parent to run autonomously.  When I make the switch, I would like to change my internal IP addressing scheme.  The current scheme uses 172.x.x.x with a subnet mask of  I want to move to 10.x.x.x with a subnet of

I will be able to change all the computers and servers at one time to the new configuration, but some of our floor equipment I cannot change.  I will assign new addresses and someone else will change the addresses over the next few days (weeks).  I need a solution so that my pcs can still see the equipment, and vice versa.

In my test environment, I have given the internal interface the new ip address ( and a sub interface the old ip address (  with a PC set up on the 10.x.x.x network, I can ping the 10 address on the ASA, but not the 172 address, and I cannot ping a device with a 172 address.  When I give the PC a 172 address, I can ping the device, but I still cannot ping the 172 address on the ASA.

What I am doing wrong?  Does the sub interface count as a physical interface?  (I am licensed for 4.)  Will I need to setup a router internally and a static route for on the ASA?

I am new to the ASA, so I am sorry if this question is simplistic.
Who is Participating?
lrmooreConnect With a Mentor Commented:
> Does the sub interface count as a physical interface?
Yes and it must also have a vlan tag

Unlike a Cisco router, you cannot assign secondary IP's to the ASA interface.
If you have an old Cisco router laying around, use it as a router on stick with secondary IP's on it.
harbor235Connect With a Mentor Commented:
You need to make sure you are trunking the appropriate vlans to the ASA physical inerface.

So for the switch port that connects to thso ASA interface change to port to a trunking port.

interface X
sw trunk encapsulation dot1q
sw mode trunk

This should get you working

-Mike J

mantech1Author Commented:
It was not what I wanted to hear, but it was an answer to my question.  So I will give each of you some points.

We found another way around the issue.  Thank you anyway.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.