Solved

Adding IP's to Cisco ASA5510

Posted on 2011-03-16
9
334 Views
Last Modified: 2012-05-11
I installed a new Avaya phone switch along with voicemail. The system consists of the PBX, Voicemail (onboard) and G430 Gateway. One of the features is it has the ability to send voicemail to your email via IMAP. This feature works inside the building but when I VPN into my network the voicemails do not get sent. I cannot also access my PBX through the Avaya software console in the event I had to make a change. Again inside the building is no problem.

I can only assume the PBX, Vmail, and gateway are being blocked by my ASA. I would like to add those three IP addresses to my ASA and normally I have a 3rd part take care of this but they are no being very responsive in order for me to continue my troubleshooting. My question is can someone provide me with the steps on how to add them to what I'm guessing in an access list in the ASA? Please let me know if I need to provide any additional information.
0
Comment
Question by:tmaususer
  • 5
  • 4
9 Comments
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35147446
First another you might want to check: do the device have a default gateway? And if yes: does that point to the asa?
0
 

Author Comment

by:tmaususer
ID: 35147500
I'm sure what you are asking.
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35147596
The PBX, Vmail, and gateway are network devices, right? So they have an ip address to be able to connect to your network. Then there should also be an option to set a default gateway (to get to ip adrresses that are not on the local network).
0
 

Author Comment

by:tmaususer
ID: 35147629
The PBX has been configured with my default gateway. I have also made dns entries for the three devices. I'm certain the answer is in adding the three ip adresses of these devices into my asa. I just don't know who to do it.
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35147765
Could you post a sanitized config of the asa? Or atleast all access-list and access-group statements currently in place?
0
 

Author Comment

by:tmaususer
ID: 35147822
I'm looking at my config file now. I think I need to do something like this:

access-list 102 extended permit ip 192.xxx.xxx.1 255.255.255.0 192.xxx.xxx.0 255.255.255.0
access-list 102 extended permit ip 192.xxx.xxx.2 255.255.255.0 192.xxx.xxx.0 255.255.255.0
access-list 102 extended permit ip 192.xxx.xxx.3 255.255.255.0 192.xxx.xxx.0 255.255.255.0

0
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 250 total points
ID: 35147899
Depends. Do you have an access list on the inside interface?
If not, then perhaps the traffic from those three is not getting in to the VPN which is applied at two places: the nat0 (so traffic isn't natted) and in the crypto map (so traffic is sent in to the tunnel).

I don't know if what you put here is right because I don't know where this access list is applied. Need to see more of you config for that.
0
 

Author Comment

by:tmaususer
ID: 35148595
I finally got someone from our 3rd party company to get into the switch. It looks like I was close but he is working so fast I can't keep up. Looks like Cisco classess are in my future :)
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35148684
Well good luck with that :)
And thx for the points.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Suggested Solutions

There are many useful and sometimes not well documented or forgotten IOS or ASA/PIX commands. See IPE article here , there was also one on PacketU and on Cisco Tips & Tricks. Below are my favorites. I give also a few most often used for Cisco IPS an…
Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now