• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1436
  • Last Modified:

cisco asa 5505, at&t dsl, static IP block, pppoe doesn't work

I've tried 2 different DSL devices:  modem/router in bridge mode, modem-only in bridge mode.

If I set the IP on vlan 2 to DHCP, I get an address and route via pppoe.

As soon as I set the IP to the IP block I was assigned, I am unable to ping/surf.

Some people suggest to set the interface to DHCP/setroute with a pppoe username of <username>@static.sbcglobal.net - tried it, no go.

What makes this strange is that I can put the DSL modem/router back to router mode, and manually assign the IP block to the AT&T device (Netopia 3310), and it works on that device - meaning I can ping the gateway and surf with a PC connected directly to the Netopia.

I *cannot* get the ASA to work with the IP block I've been assigned.

In DHCP mode, the subnet mask on the interface is /32, with a gateway in a different /8 subnet - my IP is 68.x.y.z/32 and the gateway is 65.a.b.c.  I get this information from "show ip" and "show vpdn ppp".

I've also tried setting my ip to an address in the middle of the subnet block and tried the gateway on either end of the block (AT&T likes to use the high end of the block for gateway).

I've also tried a /24 mask with gateway on .1 and .254.  Nothing works.

Yet, as I mentioned, the IP block works if I manually assign it on the modem/router.
0
snowdog_2112
Asked:
snowdog_2112
  • 5
  • 2
1 Solution
 
lruiz52Commented:
Set DSL modem/router back to router mode, and manually assign the IP block to the ASA vlan2 interface and set default route, should be something like below

Configure the external interface vlan (connected to Internet)
-------------------------------------------------------------------------------------
ASA5505(config)# interface Vlan 2
ASA5505(config-if)# nameif outside
ASA5505(config-if)# security-level 0
ASA5505(config-if)# ip address x.x.x.x x.x.x.x  (use ip and maskyou wher using for 3310)
ASA5505(config-if)# no shut

Assign Ethernet 0/0 to Vlan 2
-------------------------------------------------
ASA5505(config)# interface Ethernet0/0
ASA5505(config-if)# switchport access vlan 2
ASA5505(config-if)# no shut

Configure PAT on the outside interface
-----------------------------------------------------
ASA5505(config)# global (outside) 1 interface
ASA5505(config)# nat (inside) 1 0.0.0.0 0.0.0.0

Configure default route towards the ISP
---------------------------------------------------------------------------------------------------------
ASA5505(config)# route outside 0.0.0.0 0.0.0.0 x.x.x.x1 ( use ip assigned to the dsl modem)



Article Source: http://EzineArticles.com/1681858
0
 
snowdog_2112Author Commented:
If I put the DSL modem back to router mode, it will have my public IP block on its outside interface and a private IP on the inside - which is the outside of the ASA.

Another way would be to put my static block on the inside of the DSL modem and let the outside get DHCP from AT&T - but then there will be no route for my block pointing to the DHCP address on the outside of the modem.

Can you clarify your config - am I missing something with what you have in the sample?

Thanks.
0
 
lruiz52Commented:
What is the make and model of the dsl modem?
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
snowdog_2112Author Commented:
I've tried a Netopia 3310 and a Speedstream 4100.  

Both do the same thing - I can get DHCP with the ASA doing pppoe, but I cannot assign the static block.
0
 
snowdog_2112Author Commented:
Any thoughts?
0
 
snowdog_2112Author Commented:
solved.  For static ip assignments on at&t, the dsl username needs to be username@static.sbcglobal.net.  In my case, I had made the change, but it must have reverted on a reboot (not saved).

I had overlooked that since I was sure I had made the change.

Working now.
0
 
snowdog_2112Author Commented:
suggested solutions were not part of the solution.
0

Featured Post

Shaping tomorrow’s technology leaders, today

The leading technology companies all recognize the growing need for gender diversity. Through its Women in IT scholarship program, WGU is working to reverse this trend by empowering more women to earn IT degrees and become tomorrow’s tech-industry leaders.  

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now