Changing subnetmask on Cisco ASA 5510 Firewall

We are increasing our IP Range and our subnet mask is changing.  Would the only two places I need to change my subnet mask on our ASA 5510 be under configuration\Building Blocks\Hosts/Network\Inside  and under configuration\interfaces\ethernet0/1??
Who is Participating?
Ernie BeekExpertCommented:
Well, normally you change the subnet mask on the interface, in any access lists that might apply, nat statements and statics (just from memory). Looks like you're doing this through the ASDM. It might be wise to walk through the whole config (tools->command line interface-> 'wr t').

You could post a (sanitized) config over here, so we can have a look at it if you like.

You also need to check routing and any remote / VPN devices that connect to the firewall otherwise they will be unable to connect. So your check list should look something like this:

* IP address and subnet mask change on the device (both end of the interface)
* Change of Access Control List of firewall policy (zone definitions etc)
* Routing configuration change
* Change on remote devices / VPN clients
* Change on monitoring devices (e.g. SNMP etc)

Make sure you audit current configuration to identify main areas of change before you actually start changing. You also need to backup current config; you can do "show run" from the CLI.

Good luck.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.