Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Change external IP address on cisco pix 501

Posted on 2009-07-12
8
753 Views
Last Modified: 2012-08-13
I think this should be fairly straighforward, but I'm not that familiar with the Cisco command line interface.  We're moving offices and have been assigned new ip addresses from our ISP.  I need to know the specific commands to configure the PIX to use the new external IP address (and subnet mask, dns, gateway).  

Also, we host a mail server and have several other ports forwarding, do I need to do anything else besides change the external interface IP?
0
Comment
Question by:mjordan22
  • 4
  • 3
8 Comments
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24835660
for example:

change the outside address:
ip address outside 192.168.1.1 255.255.255.0

and after:
claer old route
no ip route 0.0.0.0 0.0.0.0 if_address
type new route
ip route 0.0.0.0 0.0.0.0 if_address

write mem
reload


could you show your config?
0
 

Author Comment

by:mjordan22
ID: 24835761
Unfortunately I don't have access to the existing config right now. The hardware is on it's way to the new location. I get what you've posted, but what about the new gateway and DNS servers. Don't those need to be changed too?  Thanks!
0
 
LVL 34

Accepted Solution

by:
Istvan Kalmar earned 250 total points
ID: 24835821
Hi,

gateway:
and after:
claer old route
no ip route 0.0.0.0 0.0.0.0 if_address
type new route
ip route 0.0.0.0 0.0.0.0 if_address

 dns:
dhcpd dns x.x.x.x  interface inside
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:mjordan22
ID: 24835848
Ok got it, but so that I'm
totally clear in this,  let's say this is the new config info;
ip: 1.2.3.4
sub: 255.255.255.0
gw: 1.2.3.1
DNS: 4.2.2.1 and 4.2.2.2

what would the commands look like?
0
 
LVL 7

Assisted Solution

by:Boilermaker85
Boilermaker85 earned 250 total points
ID: 24839362

I would do a show run before you start to make sure you have the interface names and route info correct. Normally you might name your outside interface "outside" using this statement:
:
PIX Version 6.3(5)
interface ethernet0 100full
interface ethernet1 100full
nameif ethernet0 outside security0
nameif ethernet1 inside security100
...
So you first go into config mode
conf t

Enter the interface ip change
ip address outside 1.2.3.4 255.255.255.0  
no route 0.0.0.0 0.0.0.0 old_GW_IP
route 0.0.0.0 0.0.0.0 1.2.3.1
Assuming you are using the Pix for dhcp on the inside and passing clients the DNS info, you would add this:
dhcpd dns 4.2.2.1 4.2.2.2
 
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 24840026
sorry my config is a router config...
0
 

Author Comment

by:mjordan22
ID: 24842666
Thanks for the help, I'm going to try this this afternoon and I'll let you know if I run into any problems.
0
 

Author Closing Comment

by:mjordan22
ID: 31602619
The solution to my problem was a little more intricate than just changing the IP address, but I'm going to split the points for both people who responded.  Thanks for the help!
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Have you experienced traffic destined through a Cisco ASA firewall disappears and you do not know if the traffic stops in the firewall or somewhere else? The solution is the capture feature. This feature was released in 6.2(1) and works in all firew…
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question