Cisco ASA 5505 series Adaptive Security Appliance

zelfanet
zelfanet used Ask the Experts™
on
Hello,

I have a Cisco ASA 5505. I have to change the external ip address.  I can telnet into the device but I need to know the exact commands to change the ip. I am unfamiliar with the operating system so if you could let me know exactly what to type, it would be very helpful.

Thanks!
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Senior Network Engineer
Commented:
telnet (internal IP)

login using username and password or type telnet password

type enable
type password

type show conf
locate the external interface used
type conf terminal
type int <interface name>
type ip address a.a.a.a b.b.b.b (a.a.a.a is external IP, and b.b.b.b subnet mask)
type wr mem
type clear xlate, to clear translations
would be good idea to reboot if you can.
type exit
type exit
type sh conf and check interface has new IP assigned.
do you know if the interface IP is hardcoded to any services.

Author

Commented:
Thanks! Your explicit directions worked perfectly! They can get to the internet!

However when I look through the config I still see the old ip on some lines:

access-list acl_out extended tcp any host xxx.xxx.xxx.xxx eq www
access-list acl_out extended tcp any host xxx.xxx.xxx.xxx range 4520 4524

and

static (inside,outside) xxx.xxx.xxx.xxx 192.168.1.200 netmask 255.255.255.255
access-group acl_out in interface outside
route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx

Do I need to change these as well?
you will need to  change the access-list and static statement's ip addresses to the new address.

the route statement should *not* have the exact, old ip address. it will most likely be different by 1 in the last octet of the address? in that case it wont need to be changed if you are not changing the subnet.

if you are changing the subnet, then the route statement will need to be changed. if you're not sure, tell us the subnet mask (the b.b.b.b part of the ip command above) and the last part of the old and new ip addresses, then we can advise if the route statement will need to be changed.
sharjeel ashrafSenior Network Engineer

Commented:
can you paste a sanitized version (remove passwords and unique IP's) of your config here please, then i can tell you what to type. and what needs changing.

Commented:
also dont forget to change youre default route 0.0.0.0/0.0.0.0 x.x.x.x if needed.
else you wont have a route to the internet

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial