• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1547
  • Last Modified:

cisco asa 5505, at&t dsl, static IP block, pppoe doesn't work

I've tried 2 different DSL devices:  modem/router in bridge mode, modem-only in bridge mode.

If I set the IP on vlan 2 to DHCP, I get an address and route via pppoe.

As soon as I set the IP to the IP block I was assigned, I am unable to ping/surf.

Some people suggest to set the interface to DHCP/setroute with a pppoe username of <username>@static.sbcglobal.net - tried it, no go.

What makes this strange is that I can put the DSL modem/router back to router mode, and manually assign the IP block to the AT&T device (Netopia 3310), and it works on that device - meaning I can ping the gateway and surf with a PC connected directly to the Netopia.

I *cannot* get the ASA to work with the IP block I've been assigned.

In DHCP mode, the subnet mask on the interface is /32, with a gateway in a different /8 subnet - my IP is 68.x.y.z/32 and the gateway is 65.a.b.c.  I get this information from "show ip" and "show vpdn ppp".

I've also tried setting my ip to an address in the middle of the subnet block and tried the gateway on either end of the block (AT&T likes to use the high end of the block for gateway).

I've also tried a /24 mask with gateway on .1 and .254.  Nothing works.

Yet, as I mentioned, the IP block works if I manually assign it on the modem/router.
0
snowdog_2112
Asked:
snowdog_2112
  • 5
  • 2
1 Solution
 
lruiz52Commented:
Set DSL modem/router back to router mode, and manually assign the IP block to the ASA vlan2 interface and set default route, should be something like below

Configure the external interface vlan (connected to Internet)
-------------------------------------------------------------------------------------
ASA5505(config)# interface Vlan 2
ASA5505(config-if)# nameif outside
ASA5505(config-if)# security-level 0
ASA5505(config-if)# ip address x.x.x.x x.x.x.x  (use ip and maskyou wher using for 3310)
ASA5505(config-if)# no shut

Assign Ethernet 0/0 to Vlan 2
-------------------------------------------------
ASA5505(config)# interface Ethernet0/0
ASA5505(config-if)# switchport access vlan 2
ASA5505(config-if)# no shut

Configure PAT on the outside interface
-----------------------------------------------------
ASA5505(config)# global (outside) 1 interface
ASA5505(config)# nat (inside) 1 0.0.0.0 0.0.0.0

Configure default route towards the ISP
---------------------------------------------------------------------------------------------------------
ASA5505(config)# route outside 0.0.0.0 0.0.0.0 x.x.x.x1 ( use ip assigned to the dsl modem)



Article Source: http://EzineArticles.com/1681858
0
 
snowdog_2112Author Commented:
If I put the DSL modem back to router mode, it will have my public IP block on its outside interface and a private IP on the inside - which is the outside of the ASA.

Another way would be to put my static block on the inside of the DSL modem and let the outside get DHCP from AT&T - but then there will be no route for my block pointing to the DHCP address on the outside of the modem.

Can you clarify your config - am I missing something with what you have in the sample?

Thanks.
0
 
lruiz52Commented:
What is the make and model of the dsl modem?
0
Choose an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program was designed in collaboration with national intelligence organizations and IT industry leaders.

 
snowdog_2112Author Commented:
I've tried a Netopia 3310 and a Speedstream 4100.  

Both do the same thing - I can get DHCP with the ASA doing pppoe, but I cannot assign the static block.
0
 
snowdog_2112Author Commented:
Any thoughts?
0
 
snowdog_2112Author Commented:
solved.  For static ip assignments on at&t, the dsl username needs to be username@static.sbcglobal.net.  In my case, I had made the change, but it must have reverted on a reboot (not saved).

I had overlooked that since I was sure I had made the change.

Working now.
0
 
snowdog_2112Author Commented:
suggested solutions were not part of the solution.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

  • 5
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now