Solved

ASA config for 5 Static IPs

Posted on 2009-06-30
3
286 Views
Last Modified: 2012-05-07
We currently have 1 static public IP in our current config (attached).  I have just acquired a new block of 5 IP addresses and I tried switching this over yesterday but I had problems.  My new pool of static IP consist  of xx.xx.37.153 to xx.xx.37.157 with the gateway being xx.xx.37.158.

I changed my outside IP to one of the public ip's in the list (ip address xx.xx.37.153 255.255.255.248), I changed the default route statement to point to the new gateway (route outside 0.0.0.0 0.0.0.0 xx.xx.37.158) and I changed my access-lists to reflect the change in IP.

I would like to NAT using one IP.

After doing all of this I could only browse the internet if I were directly plugged into the cable modem, but I could not get out behind the ASA.

What did I do wrong?
current.txt
0
Comment
Question by:phcc75
  • 2
3 Comments
 
LVL 10

Expert Comment

by:atlas_shuddered
Comment Utility
Check your NAT config.  You'll need to update this to reflect your IP change.
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 125 total points
Comment Utility
interface Vlan2
 no  ip address 173.12.22.37 255.255.255.252
 ip address xx.xx.37.153  255.255.255.248


no access-list smtp extended permit tcp any host 173.12.22.37 eq smtp
no access-list smtp extended permit tcp any host 173.12.22.37 eq https
no access-list smtp extended permit tcp any host 173.12.22.37 eq 29603
no access-list smtp extended permit udp any host 173.12.22.37 eq 29603
no access-list smtp extended permit tcp any host 173.12.22.37 eq www

access-list smtp extended permit tcp any host xx.xx.37.153  eq smtp
access-list smtp extended permit tcp any host xx.xx.37.153  eq https
access-list smtp extended permit tcp any host xx.xx.37.153  eq 29603
access-list smtp extended permit udp any host xx.xx.37.153  eq 29603
access-list smtp extended permit tcp any host xx.xx.37.153  eq www

no route outside 0.0.0.0 0.0.0.0 173.12.22.38 1
route outside 0.0.0.0 0.0.0.0 xx.xx.37.158  1

write mem
clear xlate
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
Comment Utility
Any other question?
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Cisco 1830 AP behaving wierdly 7 20
Route summarization 9 42
VLAN Tagged traffic 2 19
cisco VIRL 2 10
When I upgraded my ASA 8.2 to 8.3, I realized that my nonat statement was failing!   The log showed the following error:     %ASA-5-305013: Asymmetric NAT rules matched for forward and reverse flows It was caused by the config upgrade, because t…
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now