Cisco ASA 5505 series Adaptive Security Appliance


I have a Cisco ASA 5505. I have to change the external ip address.  I can telnet into the device but I need to know the exact commands to change the ip. I am unfamiliar with the operating system so if you could let me know exactly what to type, it would be very helpful.

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

sharjeel ashrafSenior Network EngineerCommented:
telnet (internal IP)

login using username and password or type telnet password

type enable
type password

type show conf
locate the external interface used
type conf terminal
type int <interface name>
type ip address a.a.a.a b.b.b.b (a.a.a.a is external IP, and b.b.b.b subnet mask)
type wr mem
type clear xlate, to clear translations
would be good idea to reboot if you can.
type exit
type exit
type sh conf and check interface has new IP assigned.
do you know if the interface IP is hardcoded to any services.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
zelfanetAuthor Commented:
Thanks! Your explicit directions worked perfectly! They can get to the internet!

However when I look through the config I still see the old ip on some lines:

access-list acl_out extended tcp any host eq www
access-list acl_out extended tcp any host range 4520 4524


static (inside,outside) netmask
access-group acl_out in interface outside
route outside

Do I need to change these as well?
you will need to  change the access-list and static statement's ip addresses to the new address.

the route statement should *not* have the exact, old ip address. it will most likely be different by 1 in the last octet of the address? in that case it wont need to be changed if you are not changing the subnet.

if you are changing the subnet, then the route statement will need to be changed. if you're not sure, tell us the subnet mask (the b.b.b.b part of the ip command above) and the last part of the old and new ip addresses, then we can advise if the route statement will need to be changed.
sharjeel ashrafSenior Network EngineerCommented:
can you paste a sanitized version (remove passwords and unique IP's) of your config here please, then i can tell you what to type. and what needs changing.
Benjamin Van DitmarsSr Network EngineerCommented:
also dont forget to change youre default route x.x.x.x if needed.
else you wont have a route to the internet
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.