[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 305
  • Last Modified:

CIsco router and ASA config question

I need some help with a fios connection to a cisco router with an ASA behind it. I have a range of 13 static ip's coming in on my Fios connection. I want to use one of these static ips(xx.xx.xx.18/24) on my outside interface of the 1841(f0/0). I would also like to use the asa into the 1841 for firewall purposes. Should i assign the outside int vlan2, another one of the public static fios ip's(xx.xx.xx.19/24)? Also would i plug this into one of my HWIC 4ESWcard slots in my 1841? How do i assign an ip address to one of the ports(ie f0/0/0)? Any help would be great. As you can tell, noob , just trying to make it work.
thanks
0
Neil2526
Asked:
Neil2526
  • 2
1 Solution
 
phead_2Commented:
You really don't need the router, you can plug the fios right into the ASA. Give the ASA one of the static ip's and then go from there.

To assign an ip address to a port on either cisco box logon and inout commands as follows (in this example you set F0/0 to 192.168.1.1/24 and save the config).

>en
>enter your password
>configure terminal
>int f0/0 (you can put any interface here)
>ip address 192.168.1.1 255.255.255.0
>exit
>exit
>write mem
0
 
Neil2526Author Commented:
I forgot to mention, i want to also have this configuration linked up to our internal 10.0.0.0 network. Does this change things?
0
 
phead_2Commented:
That doesn't change anything, that's one of things the ASA is designed for. The proper setup is to plug the line from your ISP (FIOS) into the WAN side of the ASA and then make another connection from the ASA to your internal switch. Not sure of what model ASA you have so can't say what the possible port names are...

The ASA needs one of the static IPs from FIOS assigned to that interface, it will then also be able to receive traffic to the other static IPs which you then configure the ASA to pass along however you see fit. The same goes for the other side (internal) for WAN bound traffic. You can setup NAT and PAT on the ASA. if you don't have any servers that are accessed from the internet on your internal network the setup is pretty simple, if you do then it can be a little to alot more complicated depending on what you need to accomplish.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now