Solved

CIsco router and ASA config question

Posted on 2009-05-13
3
299 Views
Last Modified: 2012-05-06
I need some help with a fios connection to a cisco router with an ASA behind it. I have a range of 13 static ip's coming in on my Fios connection. I want to use one of these static ips(xx.xx.xx.18/24) on my outside interface of the 1841(f0/0). I would also like to use the asa into the 1841 for firewall purposes. Should i assign the outside int vlan2, another one of the public static fios ip's(xx.xx.xx.19/24)? Also would i plug this into one of my HWIC 4ESWcard slots in my 1841? How do i assign an ip address to one of the ports(ie f0/0/0)? Any help would be great. As you can tell, noob , just trying to make it work.
thanks
0
Comment
Question by:Neil2526
  • 2
3 Comments
 
LVL 2

Expert Comment

by:phead_2
ID: 24380254
You really don't need the router, you can plug the fios right into the ASA. Give the ASA one of the static ip's and then go from there.

To assign an ip address to a port on either cisco box logon and inout commands as follows (in this example you set F0/0 to 192.168.1.1/24 and save the config).

>en
>enter your password
>configure terminal
>int f0/0 (you can put any interface here)
>ip address 192.168.1.1 255.255.255.0
>exit
>exit
>write mem
0
 

Author Comment

by:Neil2526
ID: 24384115
I forgot to mention, i want to also have this configuration linked up to our internal 10.0.0.0 network. Does this change things?
0
 
LVL 2

Accepted Solution

by:
phead_2 earned 500 total points
ID: 24388461
That doesn't change anything, that's one of things the ASA is designed for. The proper setup is to plug the line from your ISP (FIOS) into the WAN side of the ASA and then make another connection from the ASA to your internal switch. Not sure of what model ASA you have so can't say what the possible port names are...

The ASA needs one of the static IPs from FIOS assigned to that interface, it will then also be able to receive traffic to the other static IPs which you then configure the ASA to pass along however you see fit. The same goes for the other side (internal) for WAN bound traffic. You can setup NAT and PAT on the ASA. if you don't have any servers that are accessed from the internet on your internal network the setup is pretty simple, if you do then it can be a little to alot more complicated depending on what you need to accomplish.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question