Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Moving Cisco ASA t new lcoation, new external IP's

Posted on 2010-09-03
4
Medium Priority
?
391 Views
Last Modified: 2012-05-10
We are moving a Cisco 5510 from one location to another and the internet provider is changing.  Nothing with the internal network is changing.  I'm trying to determine my easiest path in completing this.  I have a spare test 5510 that I can bring in.  Is the best way just to start with a fresh config the test asa, get it the way I need it then copy that to the asa once it is moved or should I try editing the current config once its been moved?

It has 2 DMZ's setup and about 12 external firewall rules.
0
Comment
Question by:dmwynne
  • 2
  • 2
4 Comments
 
LVL 4

Expert Comment

by:keith_opswat
ID: 33600194
If nothing on your internal network is changing just remove the old IP address from the outside interface and add a new one. Also, change any static routes you had pointing to the old ISP's gateway and that should be it.

Why go through the hassle of re-configuring everything and possibly making an error on it when you know it works and only one small area is going to change. I just recently changed ISP's and did exactly what I said above. Changed IP address on one I/F and edited the static routes. It came up flawlessly.
0
 
LVL 14

Author Comment

by:dmwynne
ID: 33600236
Yup you are right the only thing that concerns me is we have several external facing boxes with firewall rules and access lists.  Do you see any issue there?
0
 
LVL 4

Accepted Solution

by:
keith_opswat earned 2000 total points
ID: 33600293
Most firewall rules are generic... If any of the rules are dealing specifically with an IP address or subnet of your old IP's then change those rules.

Most of the rules are just going to say if you have traffic coming from this range or from anywhere with this port... allow to a certain location or deny.

So like I said the only thing that will cause you any issues with your move is any rules, IP address, static routes, or default gateways set need ot be reconfigured to point to their new counterpart. If that's all done then you should have a seamless transition.

Good luck!!
0
 
LVL 14

Author Closing Comment

by:dmwynne
ID: 33600977
Thanks
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You deserve ‘straight talk’ from your cloud provider about your risk, your costs, security, uptime and the processes that are in place to protect your mission-critical applications.
Considering cloud tradeoffs and determining the right mix for your organization.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question