Change ip address on Cisco ASA 5505

ne3
ne3 used Ask the Experts™
on
Okay, this is the first time setting up a cisco device so I am very novice at it.  First some history.

They had a linksys router using the vpn client.  When setting up the linksys you have to configure the device to use a random ip address range.  It has been set to:

10.79.199.x
255.255.255.0

This has been working for years and there are printers/workstaions/server static in this range.

The Linkys VPN client really annoys me and have heard great things about the asa 5500 series.  So, I am giving this a try.

However, I can not get the ASA to accept the different IP address.  I have tried many things through the GUI and through hyper terminal.  If I make a change I will no longer get a dhcp address or can no longer use the GUI to set one back up.

I was successful in getting the address changed once and set a static IP on the PC and could ping the ASA.  But that was it - no GUI to configure the ISP or VPN clients.

So, is the above IP address so strange that it just won't work?

Would it be possible to use this range so I don't have to change the entire network?

Also, Linksys had you change to the different address to make it more likely that you would be in a different subnet than the host network.  If the remote network matched the Linksys VPN client would fail.  Is this a concern with the ASA?

Any help/advice is greatly appreciated

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Jody LemoineNetwork Architect

Commented:
It's certainly possible to use the range, but your DHCP will need to be configured independently.  Can you post a scrubbed copy of your current configuration?  If so, I can advise on what needs to change.
Jody LemoineNetwork Architect

Commented:
If the remote network matches your host network, that will almost always cause a problem.  It's due to the way TCP/IP functions and not due to any limitation on the Linksys or the ASA.
the problem you are having is common, you will need to change over the dhcp setting to the new range. you will also need to allow management from this new ip range also. you should be able to plug a console cable in and change these settings. you can use the setting below to change the http and dhcp range.

interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 10.79.199.x 255.255.255.0

http 10.79.199.0 255.255.255.0 inside
telnet 10.79.199.0 255.255.255.0 inside

dhcpd address 10.71.199.100-10.71.199.254 inside
dhcpd enable inside
ne3

Author

Commented:
cosmicfox, thank you for your help.  I could have swore I did what you mentioned above but could not get it to work before.  I now have the settings I want ( differnet ip address and dhcp range).  Here is what I did.

conf t
no dhcpd enable inside
no dhcpd address 192.168.1.5-192.168.1.36 inside
int vlan1
ip address 10.79.199.1 255.255.255.0
exit
wr mem

int vlan1
http 10.79.199.0 255.255.255.0 inside
telnet 10.79.199.0 255.255.255.0 inside

dhcpd address 10.71.199.15-10.71.199.46 inside
dhcpd enable inside
exit
wr mem


I will take it to the client tomorrow and hope when I connect it to the ISP it will get everyone on the network.  

Then I have to get the VPN clients to connect and port forwarding for RDC.  So...  hopefully I can figure that out through mostly the GUI - but somehow I doubt it.  Chances are I will be starting a new thread.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial