Solved

CIsco router and ASA config question

Posted on 2009-05-13
3
296 Views
Last Modified: 2012-05-06
I need some help with a fios connection to a cisco router with an ASA behind it. I have a range of 13 static ip's coming in on my Fios connection. I want to use one of these static ips(xx.xx.xx.18/24) on my outside interface of the 1841(f0/0). I would also like to use the asa into the 1841 for firewall purposes. Should i assign the outside int vlan2, another one of the public static fios ip's(xx.xx.xx.19/24)? Also would i plug this into one of my HWIC 4ESWcard slots in my 1841? How do i assign an ip address to one of the ports(ie f0/0/0)? Any help would be great. As you can tell, noob , just trying to make it work.
thanks
0
Comment
Question by:Neil2526
  • 2
3 Comments
 
LVL 2

Expert Comment

by:phead_2
ID: 24380254
You really don't need the router, you can plug the fios right into the ASA. Give the ASA one of the static ip's and then go from there.

To assign an ip address to a port on either cisco box logon and inout commands as follows (in this example you set F0/0 to 192.168.1.1/24 and save the config).

>en
>enter your password
>configure terminal
>int f0/0 (you can put any interface here)
>ip address 192.168.1.1 255.255.255.0
>exit
>exit
>write mem
0
 

Author Comment

by:Neil2526
ID: 24384115
I forgot to mention, i want to also have this configuration linked up to our internal 10.0.0.0 network. Does this change things?
0
 
LVL 2

Accepted Solution

by:
phead_2 earned 500 total points
ID: 24388461
That doesn't change anything, that's one of things the ASA is designed for. The proper setup is to plug the line from your ISP (FIOS) into the WAN side of the ASA and then make another connection from the ASA to your internal switch. Not sure of what model ASA you have so can't say what the possible port names are...

The ASA needs one of the static IPs from FIOS assigned to that interface, it will then also be able to receive traffic to the other static IPs which you then configure the ASA to pass along however you see fit. The same goes for the other side (internal) for WAN bound traffic. You can setup NAT and PAT on the ASA. if you don't have any servers that are accessed from the internet on your internal network the setup is pretty simple, if you do then it can be a little to alot more complicated depending on what you need to accomplish.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Netgear Switches 3 117
Internet Speed Test 5 67
Error on login Cisco RV016 1 16
Can't access DMZ from internal network 7 44
I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
There are two basic ways to configure a static route for Cisco IOS devices. I've written this article to highlight a case study comparing the configuration of a static route using the next-hop IP and the configuration of a static route using an outg…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now