• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3641
  • Last Modified:

Configure Static IP Address from Router to Cisco ASA

I have a Belkin Wireless Modem/Router and a Cisco ASA 5505.  The Router is configured with DHCP to assign an IP address to the Cisco ASA, I am trying to give the Cisco ASA a fixed IP Address.

I have turned DHCP off the Belkin Router and configured a static ip of on the Cisco ASA but this will not allow any pc connected to the ASA to access internet etc...

I have attached the start of my Cisco configuration below:

ASA Version 7.2(3)
hostname ciscoasa
domain-name default.domain.invalid
enable password 8Ry2YjIyt7RRXU24 encrypted
interface Vlan1
 nameif inside
 security-level 100
 ip address
interface Vlan2
 nameif outside
 security-level 0
 ip address
interface Vlan3
 no forward interface Vlan1
 nameif dmz
 security-level 50
 no ip address
interface Ethernet0/0
 switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
dns server-group DefaultDNS
 domain-name default.domain.invalid
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
access-list USAOFFICE_splitTunnelAcl_1 standard permit any
access-list DefaultRAGroup_splitTunnelAcl_1 standard permit any
access-list inside_nat0_outbound extended permit ip any
access-list test_splitTunnelAcl standard permit
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu dmz 1500
ip local pool NaplesPool mask
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-523.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto dynamic-map outside_dyn_map 20 set pfs
crypto dynamic-map outside_dyn_map 20 set transform-set ESP-3DES-SHA
crypto dynamic-map outside_dyn_map 40 set pfs
crypto dynamic-map outside_dyn_map 40 set transform-set ESP-3DES-SHA
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto isakmp enable outside
crypto isakmp policy 10
 authentication pre-share
 encryption 3des
 hash sha
 group 2
 lifetime 86400
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
dhcpd address inside
dhcpd enable inside

class-map inspection_default
 match default-inspection-traffic
policy-map type inspect dns preset

  • 2
1 Solution
There is no default route set on the ASA.  When you had the ASA configured for DHCP from the Belkin, you were probably getting the default gateway handed to the ASA automatically via DHCP.  When you configure the outside interface statically, you will have to manually configure the default gateway on the ASA, which will most likely be the IP address of the Belkin router itself.  Find out what that is (for example, let's say it is and then enter the following command in the CLI:

route outside

See if that helps...
This is because you have no default route confgured on the ASA. This would have been previously given out by dhcp. It is the same as the default gateway. to fix this, add this line to your config:-

ip route outside 1

(This assumes that the IP address of your belkin router is


cstosgale, your command syntax is incorrect for an ASA...
damsel__in__distressAuthor Commented:
Fantastic again batry_boy - Thank you.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Will You Be GDPR Compliant by 5/28/2018?

GDPR? That's a regulation for the European Union. But, if you collect data from customers or employees within the EU, then you need to know about GDPR and make sure your organization is compliant by May 2018. Check out our preparation checklist to make sure you're on track today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now