Solved

Cisco - ASA 5500 - Cannot change

Posted on 2011-09-20
11
312 Views
Last Modified: 2012-05-12
What is the CLI command to change the Inside interface IP address/network from 192.168.1.1 to 192.168.2.254?
When I use the ASDM console, and change the network address, I cannot apply the changes due to the change in network address which does not allow me to change the network address.
I am (obviously) not a cisco guy but need to do this config in a rushed manner...
thanks
0
Comment
Question by:datzit
  • 4
  • 3
  • 2
  • +1
11 Comments
 
LVL 13

Expert Comment

by:GuruChiu
Comment Utility
If you can ssh to the ASA, you can login and type these commands:

con t
interface Ethernet0/1
 ip address 192.168.2.254.255.255.0
0
 
LVL 18

Expert Comment

by:fgasimzade
Comment Utility
You can connect using Cisco console cable and Hyperterminal/Putty software and change IP address using CLI

0
 

Author Comment

by:datzit
Comment Utility
i dont have a com port on my laptop for the console cable....
Let me see if i can ssh to this and run that command...
thanks
0
 
LVL 18

Expert Comment

by:fgasimzade
Comment Utility
If you ssh to ASA on inside interface and change its ip address you will lose connection to ASA
0
 
LVL 33

Expert Comment

by:MikeKane
Comment Utility
The issue is that you are connected to the inside interface and want to change that some interface.   The ASDM will not let you do that.  

You can use SSH to the port, ASDM from another interface, or a console cable to make those changes.    


0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 13

Expert Comment

by:GuruChiu
Comment Utility
You can ssh to the outside interface of the ASA and type those commands.
0
 

Author Comment

by:datzit
Comment Utility
@MikeKane
if i understand you correctly i can do the following to change this...
- Configure Outside Int (port 0) to 192.168.3.1
- Manually configure my nic to the 192.168.3.x network.
- plug into the Outside interface
- log on to the device from the outside interface
- change the inside interface

is that correct?
0
 
LVL 13

Accepted Solution

by:
GuruChiu earned 500 total points
Comment Utility
Typically for the ASA to be useful, you already have an outside IP address. This usually will be a public IP address. Check with your ISP to provide this information.

You can also setup outside to get DHCP address.

Just for the purpose of reconfiguring your inside interface, you can temporary setup outside interface to 192.168.3.1 just as you described. You also need to allow management access from outside as well:
ssh 0.0.0.0 0.0.0.0 outside
http 0.0.0.0 0.0.0.0 outside
0
 

Author Comment

by:datzit
Comment Utility
thanks...the outside interface was temporary for the purpose of changing the inside interface.config.
this is what I needed.
let me do this and come back with status.
heading out the door so I will respond later or more lilkely tomorrow.
thanks for all the help.
0
 
LVL 33

Expert Comment

by:MikeKane
Comment Utility
Any updates?
0
 

Author Closing Comment

by:datzit
Comment Utility
thank you
0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Overview The Cisco PIX 501, PIX 506e, ASA 5505 and ASA 5510 (most if not all of this information will be relevant to the PIX 515e but I do not have a working configuration handy to verify the validity) are primarily used within small to medium busi…
This article will cover setting up redundant ISPs for outbound connectivity on an ASA 5510 (although the same should work on the 5520s and up as well).  It’s important to note that this covers outbound connectivity only.  The ASA does not have built…
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now