Solved

ASA config for 5 Static IPs

Posted on 2009-06-30
3
291 Views
Last Modified: 2012-05-07
We currently have 1 static public IP in our current config (attached).  I have just acquired a new block of 5 IP addresses and I tried switching this over yesterday but I had problems.  My new pool of static IP consist  of xx.xx.37.153 to xx.xx.37.157 with the gateway being xx.xx.37.158.

I changed my outside IP to one of the public ip's in the list (ip address xx.xx.37.153 255.255.255.248), I changed the default route statement to point to the new gateway (route outside 0.0.0.0 0.0.0.0 xx.xx.37.158) and I changed my access-lists to reflect the change in IP.

I would like to NAT using one IP.

After doing all of this I could only browse the internet if I were directly plugged into the cable modem, but I could not get out behind the ASA.

What did I do wrong?
current.txt
0
Comment
Question by:phcc75
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 10

Expert Comment

by:atlas_shuddered
ID: 24747648
Check your NAT config.  You'll need to update this to reflect your IP change.
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 125 total points
ID: 24890133
interface Vlan2
 no  ip address 173.12.22.37 255.255.255.252
 ip address xx.xx.37.153  255.255.255.248


no access-list smtp extended permit tcp any host 173.12.22.37 eq smtp
no access-list smtp extended permit tcp any host 173.12.22.37 eq https
no access-list smtp extended permit tcp any host 173.12.22.37 eq 29603
no access-list smtp extended permit udp any host 173.12.22.37 eq 29603
no access-list smtp extended permit tcp any host 173.12.22.37 eq www

access-list smtp extended permit tcp any host xx.xx.37.153  eq smtp
access-list smtp extended permit tcp any host xx.xx.37.153  eq https
access-list smtp extended permit tcp any host xx.xx.37.153  eq 29603
access-list smtp extended permit udp any host xx.xx.37.153  eq 29603
access-list smtp extended permit tcp any host xx.xx.37.153  eq www

no route outside 0.0.0.0 0.0.0.0 173.12.22.38 1
route outside 0.0.0.0 0.0.0.0 xx.xx.37.158  1

write mem
clear xlate
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24895411
Any other question?
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question