• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 350
  • Last Modified:

Adding IP's to Cisco ASA5510

I installed a new Avaya phone switch along with voicemail. The system consists of the PBX, Voicemail (onboard) and G430 Gateway. One of the features is it has the ability to send voicemail to your email via IMAP. This feature works inside the building but when I VPN into my network the voicemails do not get sent. I cannot also access my PBX through the Avaya software console in the event I had to make a change. Again inside the building is no problem.

I can only assume the PBX, Vmail, and gateway are being blocked by my ASA. I would like to add those three IP addresses to my ASA and normally I have a 3rd part take care of this but they are no being very responsive in order for me to continue my troubleshooting. My question is can someone provide me with the steps on how to add them to what I'm guessing in an access list in the ASA? Please let me know if I need to provide any additional information.
0
tmaususer
Asked:
tmaususer
  • 5
  • 4
1 Solution
 
Ernie BeekExpertCommented:
First another you might want to check: do the device have a default gateway? And if yes: does that point to the asa?
0
 
tmaususerAuthor Commented:
I'm sure what you are asking.
0
 
Ernie BeekExpertCommented:
The PBX, Vmail, and gateway are network devices, right? So they have an ip address to be able to connect to your network. Then there should also be an option to set a default gateway (to get to ip adrresses that are not on the local network).
0
Get Cisco Certified in IT Security

There’s a high demand for IT security experts and network administrators who can safeguard the data that individuals, corporations, and governments rely on every day. Pursue your B.S. in Network Operations and Security and gain the credentials you need for this high-growth field.

 
tmaususerAuthor Commented:
The PBX has been configured with my default gateway. I have also made dns entries for the three devices. I'm certain the answer is in adding the three ip adresses of these devices into my asa. I just don't know who to do it.
0
 
Ernie BeekExpertCommented:
Could you post a sanitized config of the asa? Or atleast all access-list and access-group statements currently in place?
0
 
tmaususerAuthor Commented:
I'm looking at my config file now. I think I need to do something like this:

access-list 102 extended permit ip 192.xxx.xxx.1 255.255.255.0 192.xxx.xxx.0 255.255.255.0
access-list 102 extended permit ip 192.xxx.xxx.2 255.255.255.0 192.xxx.xxx.0 255.255.255.0
access-list 102 extended permit ip 192.xxx.xxx.3 255.255.255.0 192.xxx.xxx.0 255.255.255.0

0
 
Ernie BeekExpertCommented:
Depends. Do you have an access list on the inside interface?
If not, then perhaps the traffic from those three is not getting in to the VPN which is applied at two places: the nat0 (so traffic isn't natted) and in the crypto map (so traffic is sent in to the tunnel).

I don't know if what you put here is right because I don't know where this access list is applied. Need to see more of you config for that.
0
 
tmaususerAuthor Commented:
I finally got someone from our 3rd party company to get into the switch. It looks like I was close but he is working so fast I can't keep up. Looks like Cisco classess are in my future :)
0
 
Ernie BeekExpertCommented:
Well good luck with that :)
And thx for the points.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now