Adding IP's to Cisco ASA5510
I installed a new Avaya phone switch along with voicemail. The system consists of the PBX, Voicemail (onboard) and G430 Gateway. One of the features is it has the ability to send voicemail to your email via IMAP. This feature works inside the building but when I VPN into my network the voicemails do not get sent. I cannot also access my PBX through the Avaya software console in the event I had to make a change. Again inside the building is no problem.
I can only assume the PBX, Vmail, and gateway are being blocked by my ASA. I would like to add those three IP addresses to my ASA and normally I have a 3rd part take care of this but they are no being very responsive in order for me to continue my troubleshooting. My question is can someone provide me with the steps on how to add them to what I'm guessing in an access list in the ASA? Please let me know if I need to provide any additional information.
I can only assume the PBX, Vmail, and gateway are being blocked by my ASA. I would like to add those three IP addresses to my ASA and normally I have a 3rd part take care of this but they are no being very responsive in order for me to continue my troubleshooting. My question is can someone provide me with the steps on how to add them to what I'm guessing in an access list in the ASA? Please let me know if I need to provide any additional information.
Ernie Beek
First another you might want to check: do the device have a default gateway? And if yes: does that point to the asa?
ASKER
I'm sure what you are asking.
The PBX, Vmail, and gateway are network devices, right? So they have an ip address to be able to connect to your network. Then there should also be an option to set a default gateway (to get to ip adrresses that are not on the local network).
ASKER
The PBX has been configured with my default gateway. I have also made dns entries for the three devices. I'm certain the answer is in adding the three ip adresses of these devices into my asa. I just don't know who to do it.
Could you post a sanitized config of the asa? Or atleast all access-list and access-group statements currently in place?
ASKER
I'm looking at my config file now. I think I need to do something like this:
access-list 102 extended permit ip 192.xxx.xxx.1 255.255.255.0 192.xxx.xxx.0 255.255.255.0
access-list 102 extended permit ip 192.xxx.xxx.2 255.255.255.0 192.xxx.xxx.0 255.255.255.0
access-list 102 extended permit ip 192.xxx.xxx.3 255.255.255.0 192.xxx.xxx.0 255.255.255.0
access-list 102 extended permit ip 192.xxx.xxx.1 255.255.255.0 192.xxx.xxx.0 255.255.255.0
access-list 102 extended permit ip 192.xxx.xxx.2 255.255.255.0 192.xxx.xxx.0 255.255.255.0
access-list 102 extended permit ip 192.xxx.xxx.3 255.255.255.0 192.xxx.xxx.0 255.255.255.0
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I finally got someone from our 3rd party company to get into the switch. It looks like I was close but he is working so fast I can't keep up. Looks like Cisco classess are in my future :)
Well good luck with that :)
And thx for the points.
And thx for the points.