• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 395
  • Last Modified:

Moving Cisco ASA t new lcoation, new external IP's

We are moving a Cisco 5510 from one location to another and the internet provider is changing.  Nothing with the internal network is changing.  I'm trying to determine my easiest path in completing this.  I have a spare test 5510 that I can bring in.  Is the best way just to start with a fresh config the test asa, get it the way I need it then copy that to the asa once it is moved or should I try editing the current config once its been moved?

It has 2 DMZ's setup and about 12 external firewall rules.
0
dmwynne
Asked:
dmwynne
  • 2
  • 2
1 Solution
 
keith_opswatCommented:
If nothing on your internal network is changing just remove the old IP address from the outside interface and add a new one. Also, change any static routes you had pointing to the old ISP's gateway and that should be it.

Why go through the hassle of re-configuring everything and possibly making an error on it when you know it works and only one small area is going to change. I just recently changed ISP's and did exactly what I said above. Changed IP address on one I/F and edited the static routes. It came up flawlessly.
0
 
dmwynneAuthor Commented:
Yup you are right the only thing that concerns me is we have several external facing boxes with firewall rules and access lists.  Do you see any issue there?
0
 
keith_opswatCommented:
Most firewall rules are generic... If any of the rules are dealing specifically with an IP address or subnet of your old IP's then change those rules.

Most of the rules are just going to say if you have traffic coming from this range or from anywhere with this port... allow to a certain location or deny.

So like I said the only thing that will cause you any issues with your move is any rules, IP address, static routes, or default gateways set need ot be reconfigured to point to their new counterpart. If that's all done then you should have a seamless transition.

Good luck!!
0
 
dmwynneAuthor Commented:
Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

The Lifecycle Approach to Managing Security Policy

Managing application connectivity and security policies can be achieved more effectively when following a framework that automates repeatable processes and ensures that the right activities are performed in the right order.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now