?
Solved

CIsco router and ASA config question

Posted on 2009-05-13
3
Medium Priority
?
302 Views
Last Modified: 2012-05-06
I need some help with a fios connection to a cisco router with an ASA behind it. I have a range of 13 static ip's coming in on my Fios connection. I want to use one of these static ips(xx.xx.xx.18/24) on my outside interface of the 1841(f0/0). I would also like to use the asa into the 1841 for firewall purposes. Should i assign the outside int vlan2, another one of the public static fios ip's(xx.xx.xx.19/24)? Also would i plug this into one of my HWIC 4ESWcard slots in my 1841? How do i assign an ip address to one of the ports(ie f0/0/0)? Any help would be great. As you can tell, noob , just trying to make it work.
thanks
0
Comment
Question by:Neil2526
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 2

Expert Comment

by:phead_2
ID: 24380254
You really don't need the router, you can plug the fios right into the ASA. Give the ASA one of the static ip's and then go from there.

To assign an ip address to a port on either cisco box logon and inout commands as follows (in this example you set F0/0 to 192.168.1.1/24 and save the config).

>en
>enter your password
>configure terminal
>int f0/0 (you can put any interface here)
>ip address 192.168.1.1 255.255.255.0
>exit
>exit
>write mem
0
 

Author Comment

by:Neil2526
ID: 24384115
I forgot to mention, i want to also have this configuration linked up to our internal 10.0.0.0 network. Does this change things?
0
 
LVL 2

Accepted Solution

by:
phead_2 earned 1500 total points
ID: 24388461
That doesn't change anything, that's one of things the ASA is designed for. The proper setup is to plug the line from your ISP (FIOS) into the WAN side of the ASA and then make another connection from the ASA to your internal switch. Not sure of what model ASA you have so can't say what the possible port names are...

The ASA needs one of the static IPs from FIOS assigned to that interface, it will then also be able to receive traffic to the other static IPs which you then configure the ASA to pass along however you see fit. The same goes for the other side (internal) for WAN bound traffic. You can setup NAT and PAT on the ASA. if you don't have any servers that are accessed from the internet on your internal network the setup is pretty simple, if you do then it can be a little to alot more complicated depending on what you need to accomplish.
0

Featured Post

Portable, direct connect server access

The ATEN CV211 connects a laptop directly to any server allowing you instant access to perform data maintenance and local operations, for quick troubleshooting, updating, service and repair.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this tutorial I will show you with short command examples how to obtain a packet footprint of all traffic flowing thru your Juniper device running ScreenOS. I do not know the exact firmware requirement, but I think the fprofile command is availab…
It happens many times that access list (ACL) have to be applied to outgoing router interface in order to limit some traffic.This article is about how to test ACL from the router which is not very intuitive for everyone. Below scenario shows simple s…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question