Solved

ASA config for 5 Static IPs

Posted on 2009-06-30
3
290 Views
Last Modified: 2012-05-07
We currently have 1 static public IP in our current config (attached).  I have just acquired a new block of 5 IP addresses and I tried switching this over yesterday but I had problems.  My new pool of static IP consist  of xx.xx.37.153 to xx.xx.37.157 with the gateway being xx.xx.37.158.

I changed my outside IP to one of the public ip's in the list (ip address xx.xx.37.153 255.255.255.248), I changed the default route statement to point to the new gateway (route outside 0.0.0.0 0.0.0.0 xx.xx.37.158) and I changed my access-lists to reflect the change in IP.

I would like to NAT using one IP.

After doing all of this I could only browse the internet if I were directly plugged into the cable modem, but I could not get out behind the ASA.

What did I do wrong?
current.txt
0
Comment
Question by:phcc75
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Expert Comment

by:atlas_shuddered
ID: 24747648
Check your NAT config.  You'll need to update this to reflect your IP change.
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 125 total points
ID: 24890133
interface Vlan2
 no  ip address 173.12.22.37 255.255.255.252
 ip address xx.xx.37.153  255.255.255.248


no access-list smtp extended permit tcp any host 173.12.22.37 eq smtp
no access-list smtp extended permit tcp any host 173.12.22.37 eq https
no access-list smtp extended permit tcp any host 173.12.22.37 eq 29603
no access-list smtp extended permit udp any host 173.12.22.37 eq 29603
no access-list smtp extended permit tcp any host 173.12.22.37 eq www

access-list smtp extended permit tcp any host xx.xx.37.153  eq smtp
access-list smtp extended permit tcp any host xx.xx.37.153  eq https
access-list smtp extended permit tcp any host xx.xx.37.153  eq 29603
access-list smtp extended permit udp any host xx.xx.37.153  eq 29603
access-list smtp extended permit tcp any host xx.xx.37.153  eq www

no route outside 0.0.0.0 0.0.0.0 173.12.22.38 1
route outside 0.0.0.0 0.0.0.0 xx.xx.37.158  1

write mem
clear xlate
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24895411
Any other question?
0

Featured Post

Now Available: Firebox Cloud for AWS and FireboxV

Firebox Cloud brings the protection of WatchGuard’s leading Firebox UTM appliances to public cloud environments. It enables organizations to extend their security perimeter to protect business-critical assets in Amazon Web Services (AWS).

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Cisco ASA 5512 LAN Config 16 107
Hit router interface limit 7 68
Cisco RV320 Gateway to Gateway connected but not passing traffic 6 30
How to disable sflow Cisco nexus 9k 3 19
Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question