https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776106#M1003549 <HTML><HEAD></HEAD><BODY><P>I did that and SSH times out (trying via PuTTY).</P><P></P><P>Telnet wants a password and I try the password that I use same password that I use for ASDM and no luck</P></BODY></HTML> Fri, 08 Jun 2007 14:40:41 GMT thomas.estes 2007-06-08T14:40:41Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776102#M1003493 <P>I am trying to setup up our ASA5505 on our T1. I have outside interface setup on xx.xx.170.18 (the first open public IP). We want non encrypted SMTP traffic to flow from this IP to the mail server at 192.168.1.50. Then I want encrypted mail on our next available public ip xx.xx.170.20 to come into the ASA5505 and route to 192.168.1.30 via SMTP port 25 also. I am stumped though as to how to accomplish this. Do I need an additional "outside" interface for the other public ip? There is 1 T1 line can that "line" have 2 ip addresses?</P><P></P><P>Thanks for the help.</P> Mon, 11 Mar 2019 10:27:14 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776102#M1003493 thomas.estes 2019-03-11T10:27:14Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776103#M1003509 <HTML><HEAD></HEAD><BODY><P>The whole /29 network is routed to you by the isp so you do not need another physical interface. You just need to add another static and acl entry for the new server. </P><P></P><P>access-list out2in extended permit tcp any host xx.xx.170.20 eq smtp </P><P></P><P>static (inside,outside) xx.xx.170.20 192.168.1.30 netmask 255.255.255.255</P></BODY></HTML> Fri, 08 Jun 2007 14:23:30 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776103#M1003509 acomiskey 2007-06-08T14:23:30Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776104#M1003522 <HTML><HEAD></HEAD><BODY><P>Ok,</P><P></P><P>I am struggling with inputting these via the ASDM I always seem to get them backwards. So how do I telnet or SSH to the device so that I can CLI these commands to the device.</P><P></P><P>Again sorry to be such a newbie.</P><P></P><P>I try and access via telnet and I get:</P><P></P><P>User Access verification</P><P></P><P>PASSWORD:</P><P></P><P>When I try the password that I use for ASDM it does not work.</P></BODY></HTML> Fri, 08 Jun 2007 14:31:01 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776104#M1003522 thomas.estes 2007-06-08T14:31:01Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776105#M1003538 <HTML><HEAD></HEAD><BODY><P>Configuration -&gt; Properties -&gt; Device Access</P><P></P><P>Add your ip address or network you are on to ssh or telnet lists. I recommend ssh.</P></BODY></HTML> Fri, 08 Jun 2007 14:35:53 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776105#M1003538 acomiskey 2007-06-08T14:35:53Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776106#M1003549 <HTML><HEAD></HEAD><BODY><P>I did that and SSH times out (trying via PuTTY).</P><P></P><P>Telnet wants a password and I try the password that I use same password that I use for ASDM and no luck</P></BODY></HTML> Fri, 08 Jun 2007 14:40:41 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776106#M1003549 thomas.estes 2007-06-08T14:40:41Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776107#M1003556 <HTML><HEAD></HEAD><BODY><P>Try Config -&gt; Properties -&gt; Certificates -&gt; Key pair</P><P></P><P>You should have a general purpose 1024 key there, if not hit add and generate now. Then try ssh.</P><P></P><P>check your config for </P><P></P><P>aaa authentication ssh console LOCAL </P><P></P></BODY></HTML> Fri, 08 Jun 2007 14:51:34 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776107#M1003556 acomiskey 2007-06-08T14:51:34Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776108#M1003563 <HTML><HEAD></HEAD><BODY><P>ok I generated the general purpose cert and can now get putty to connect via ssh but still can;t logon.</P><P></P><P>It asks logon as:</P><P></P><P>I have tried blank</P><P>I have tried enable_15</P><P>and a user id that I created to no avail.</P></BODY></HTML> Fri, 08 Jun 2007 15:03:39 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776108#M1003563 thomas.estes 2007-06-08T15:03:39Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776109#M1003569 <HTML><HEAD></HEAD><BODY><P>device access -&gt; aaa access -&gt; check enable server group local and check ssh server group local</P><P></P><P>you should then be able to use the username you created in asa.</P></BODY></HTML> Fri, 08 Jun 2007 15:08:02 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776109#M1003569 acomiskey 2007-06-08T15:08:02Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776110#M1003573 <HTML><HEAD></HEAD><BODY><P>that resolved my ssh access. thanks so much for your help. I will now try to apply these rules to fix my original issues.</P></BODY></HTML> Fri, 08 Jun 2007 15:11:01 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776110#M1003573 thomas.estes 2007-06-08T15:11:01Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776111#M1003576 <HTML><HEAD></HEAD><BODY><P>If I use this then email flows in from the outside.</P><P></P><P>static (inside,outside) tcp interface 25 192.168.1.50 25 netmask 255.255.255.255 0 0</P><P></P><P>As soon as I change this to </P><P></P><P>static (inside,outside) xx.xx.170.18 192.168.1.50 netmask 255.255.255.255</P><P></P><P>mail flow stops.</P><P></P><P>I need to be able to point at the specific incoming IP so that I can route between x.x.x.18 smtp and x.x.x.20 smtp zixvpm.</P><P></P><P>any ideas?</P></BODY></HTML> Fri, 08 Jun 2007 17:11:30 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776111#M1003576 thomas.estes 2007-06-08T17:11:30Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776112#M1003580 <HTML><HEAD></HEAD><BODY><P>You said you wanted xx.xx.170.18 to map to 192.168.1.30....not 192.168.1.50.</P><P></P><P>Is that correct or no?</P></BODY></HTML> Fri, 08 Jun 2007 17:16:40 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776112#M1003580 acomiskey 2007-06-08T17:16:40Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776113#M1003585 <HTML><HEAD></HEAD><BODY><P>xx.xx.170.18 -&gt; 192.168.1.50</P><P>xx.xx.170.20 -&gt; 192.168.1.30</P><P></P><P></P></BODY></HTML> Fri, 08 Jun 2007 17:18:15 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776113#M1003585 thomas.estes 2007-06-08T17:18:15Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776114#M1003590 <HTML><HEAD></HEAD><BODY><P>Sorry, when the address is also your outside interface address and you are doing pat then you need to use the "interface" keyword in your static. Since xx.xx.172.18 = ASA outside interface address then...</P><P></P><P>static (inside,outside) interface 192.168.1.50 netmask 255.255.255.255 </P><P>static (inside,outside) xx.xx.170.20 192.168.1.30 netmask 255.255.255.255</P><P></P></BODY></HTML> Fri, 08 Jun 2007 17:21:12 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776114#M1003590 acomiskey 2007-06-08T17:21:12Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776115#M1003597 <HTML><HEAD></HEAD><BODY><P>ok I have tried those.</P><P></P><P>Do I need to do the PAT here as well for the smtp?</P><P></P><P>Below is the new running config</P><P></P><P>Result of the command: "show running-config"</P><P></P><P>: Saved</P><P>:</P><P>ASA Version 7.2(2) </P><P>!</P><P>hostname ASA5505</P><P>domain-name amcinc.us</P><P>enable password 8aPd93D5bXaT2fFZ encrypted</P><P>names</P><P>!</P><P>interface Vlan1</P><P> mac-address 0012.3f7f.9876</P><P> nameif inside</P><P> security-level 100</P><P> ip address 192.168.1.1 255.255.255.0 </P><P>!</P><P>interface Vlan2</P><P> description NuVox T1</P><P> nameif outside</P><P> security-level 0</P><P> ip address x.x.170.18 255.255.255.248 </P><P>!</P><P>interface Ethernet0/0</P><P> switchport access vlan 2</P><P>!</P><P>interface Ethernet0/1</P><P>!</P><P>interface Ethernet0/2</P><P>!</P><P>interface Ethernet0/3</P><P>!</P><P>interface Ethernet0/4</P><P>!</P><P>interface Ethernet0/5</P><P>!</P><P>interface Ethernet0/6</P><P>!</P><P>interface Ethernet0/7</P><P>!</P><P>passwd 2KFQnbNIdI.2KYOU encrypted</P><P>ftp mode passive</P><P>dns domain-lookup inside</P><P>dns server-group DefaultDNS</P><P> domain-name amcinc.us</P><P>object-group icmp-type icmp_grp</P><P> icmp-object echo-reply</P><P> icmp-object information-reply</P><P> icmp-object traceroute</P><P>access-list out2in extended permit tcp any any eq smtp </P><P>access-list out2in extended permit tcp any host x.x.170.18 eq https </P><P>access-list out2in extended permit tcp any host x.x.170.18 eq 9850 </P><P>access-list out2in extended permit tcp any any eq 1677 </P><P>access-list out2in extended permit tcp any any eq 7205 </P><P>access-list out2in extended permit icmp any any echo-reply </P><P>pager lines 24</P><P>logging enable</P><P>logging asdm informational</P><P>logging from-address <A href="mailto:thomas.estes@amcinc.us">thomas.estes@amcinc.us</A></P><P>logging recipient-address <A href="mailto:thomas.estes@amcinc.us">thomas.estes@amcinc.us</A> level errors</P><P>logging host inside 192.168.1.114</P><P>logging permit-hostdown</P><P>mtu inside 1500</P><P>mtu outside 1500</P><P>icmp unreachable rate-limit 1 burst-size 1</P><P>asdm image disk0:/asdm-522.bin</P><P>asdm history enable</P><P>arp timeout 14400</P><P>global (outside) 1 interface</P><P>nat (inside) 1 0.0.0.0 0.0.0.0</P><P>static (inside,outside) tcp interface https 192.168.1.50 https netmask 255.255.255.255 </P><P>static (inside,outside) tcp interface 9850 192.168.1.50 9850 netmask 255.255.255.255 </P><P>static (inside,outside) tcp interface 1677 192.168.1.50 1677 netmask 255.255.255.255 </P><P>static (inside,outside) tcp interface 7205 192.168.1.50 7205 netmask 255.255.255.255 </P><P>static (inside,outside) tcp interface smtp 192.168.1.50 smtp netmask 255.255.255.255 </P><P>static (inside,outside) x.x.170.20 192.168.1.30 netmask 255.255.255.255 </P><P>access-group out2in in interface outside</P><P>route outside 0.0.0.0 0.0.0.0 x.x.170.17 1</P><P>timeout xlate 3:00:00</P><P>timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02</P><P>timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00</P><P>timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00</P><P>timeout uauth 0:05:00 absolute</P><P>username xxxx password pfaW5bAu431sHznu encrypted privilege 15</P><P>aaa authentication ssh console LOCAL </P><P>http server enable</P><P>http 192.168.1.0 255.255.255.0 inside</P><P>ssh 192.168.1.110 255.255.255.255 inside</P><P>ssh 192.168.1.114 255.255.255.255 inside</P><P>ssh timeout 5</P><P>console timeout 0</P><P>dhcpd auto_config outside</P><P>!</P><P>dhcpd address 192.168.1.100-192.168.1.149 inside</P><P>dhcpd dns 64.89.70.2 64.89.74.2 interface inside</P><P>dhcpd enable inside</P><P>!</P><P></P><P>!</P><P>class-map inspection_default</P><P> match default-inspection-traffic</P><P>!</P><P>!</P><P>policy-map type inspect dns preset_dns_map</P><P> parameters</P><P> message-length maximum 512</P><P>policy-map global_policy</P><P> class inspection_default</P><P> inspect dns preset_dns_map </P><P> inspect ftp </P><P> inspect h323 h225 </P><P> inspect h323 ras </P><P> inspect rsh </P><P> inspect rtsp </P><P> inspect esmtp </P><P> inspect sqlnet </P><P> inspect skinny </P><P> inspect sunrpc </P><P> inspect xdmcp </P><P> inspect sip </P><P> inspect netbios </P><P> inspect tftp </P><P>!</P><P>service-policy global_policy global</P><P>webvpn</P><P> csd image disk0:/securedesktop-asa-3.1.1.29-k9.pkg</P><P>prompt hostname context </P><P>Cryptochecksum:1f035eed7192c5ef42cf50d5e477e8d3</P><P>: end</P></BODY></HTML> Fri, 08 Jun 2007 17:31:00 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776115#M1003597 thomas.estes 2007-06-08T17:31:00Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776116#M1003598 <HTML><HEAD></HEAD><BODY><P>This is pat...</P><P></P><P>global (outside) 1 interface </P><P>nat (inside) 1 0.0.0.0 0.0.0.0 </P><P></P><P>and it has nothing to do with your smtp problem. Your config looks fine, .20 is not working or what? Try a "clear xlate".</P></BODY></HTML> Fri, 08 Jun 2007 17:35:53 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776116#M1003598 acomiskey 2007-06-08T17:35:53Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776117#M1003599 <HTML><HEAD></HEAD><BODY><P>I think I told you this previously as well but you want to write your acl's to be more specific than any.</P><P></P><P>access-list out2in extended permit tcp any x.x.170.18 eq smtp </P><P>access-list out2in extended permit tcp any x.x.170.20 eq smtp</P><P>access-list out2in extended permit tcp any host x.x.170.18 eq https </P><P>access-list out2in extended permit tcp any host x.x.170.18 eq 9850 </P><P>access-list out2in extended permit tcp any host x.x.170.18 eq 1677 </P><P>access-list out2in extended permit tcp any host x.x.170.18 eq 7205 </P><P>access-list out2in extended permit icmp any any echo-reply</P></BODY></HTML> Fri, 08 Jun 2007 17:41:09 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776117#M1003599 acomiskey 2007-06-08T17:41:09Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776118#M1003602 <HTML><HEAD></HEAD><BODY><P>You had, I just have been so paranoid about email not flowing in that I did not want to change them.</P></BODY></HTML> Fri, 08 Jun 2007 17:44:08 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776118#M1003602 thomas.estes 2007-06-08T17:44:08Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776119#M1003609 <HTML><HEAD></HEAD><BODY><P>No probs, what you have in your config should work fine for the second smtp server.</P></BODY></HTML> Fri, 08 Jun 2007 17:45:36 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776119#M1003609 acomiskey 2007-06-08T17:45:36Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776120#M1003613 <HTML><HEAD></HEAD><BODY><P>Last time, (hopefully).</P><P></P><P>Since I am paranoid and skeptical.</P><P></P><P>Here is my config. that I hope will allow traffic from our 2 different public IPs to one interface both on port 25.</P><P></P><P>Result of the command: "show running-config"</P><P></P><P>interface Vlan1</P><P> mac-address 0012.3f7f.9876</P><P> nameif inside</P><P> security-level 100</P><P> ip address 192.168.1.1 255.255.255.0 </P><P>!</P><P>interface Vlan2</P><P> description NuVox T1</P><P> nameif outside</P><P> security-level 0</P><P> ip address x.x.170.18 255.255.255.248 </P><P>!</P><P>interface Ethernet0/0</P><P> switchport access vlan 2</P><P>!</P><P>interface Ethernet0/1</P><P>!</P><P>interface Ethernet0/2</P><P>!</P><P>interface Ethernet0/3</P><P>!</P><P>interface Ethernet0/4</P><P>!</P><P>interface Ethernet0/5</P><P>!</P><P>interface Ethernet0/6</P><P>!</P><P>interface Ethernet0/7</P><P>!</P><P>passwd 2KFQnbNIdI.2KYOU encrypted</P><P>ftp mode passive</P><P>dns domain-lookup inside</P><P>dns server-group DefaultDNS</P><P> domain-name amcinc.us</P><P>object-group icmp-type icmp_grp</P><P> icmp-object echo-reply</P><P> icmp-object information-reply</P><P> icmp-object traceroute</P><P>access-list out2in extended permit tcp any host x.x.170.18 eq smtp </P><P>access-list out2in extended permit tcp any host x.x.170.20 eq smtp </P><P>access-list out2in extended permit tcp any host x.x.170.18 eq https </P><P>access-list out2in extended permit tcp any host x.x.170.18 eq 9850 </P><P>access-list out2in extended permit tcp any host x.x.170.18 eq 1677 </P><P>access-list out2in extended permit tcp any host x.x.170.18 eq 7205 </P><P>access-list out2in extended permit icmp any any echo-reply </P><P>pager lines 24</P><P>logging enable</P><P>logging asdm informational</P><P>logging from-address <A href="mailto:thomas.estes@amcinc.us">thomas.estes@amcinc.us</A></P><P>logging recipient-address <A href="mailto:thomas.estes@amcinc.us">thomas.estes@amcinc.us</A> level errors</P><P>logging host inside 192.168.1.114</P><P>logging permit-hostdown</P><P>mtu inside 1500</P><P>mtu outside 1500</P><P>icmp unreachable rate-limit 1 burst-size 1</P><P>asdm image disk0:/asdm-522.bin</P><P>asdm history enable</P><P>arp timeout 14400</P><P>global (outside) 1 interface</P><P>nat (inside) 1 0.0.0.0 0.0.0.0</P><P>static (inside,outside) tcp interface https 192.168.1.50 https netmask 255.255.255.255 </P><P>static (inside,outside) tcp interface 9850 192.168.1.50 9850 netmask 255.255.255.255 </P><P>static (inside,outside) tcp interface 1677 192.168.1.50 1677 netmask 255.255.255.255 </P><P>static (inside,outside) tcp interface 7205 192.168.1.50 7205 netmask 255.255.255.255 </P><P>static (inside,outside) tcp interface smtp 192.168.1.50 smtp netmask 255.255.255.255 </P><P>static (inside,outside) x.x.170.20 192.168.1.30 netmask 255.255.255.255 </P><P>access-group out2in in interface outside</P><P>route outside 0.0.0.0 0.0.0.0 x.x.170.17 1</P><P>timeout xlate 3:00:00</P><P>timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02</P><P>timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00</P><P>timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00</P><P>timeout uauth 0:05:00 absolute</P><P>username xxxxx password pfaW5bAu431sHznu encrypted privilege 15</P><P>aaa authentication ssh console LOCAL </P><P>http server enable</P><P>http 192.168.1.114 255.255.255.255 inside</P><P>snmp-server host inside 192.168.1.1 community ASA5505</P><P>snmp-server location Data Room</P><P>snmp-server contact Tom Estes</P><P>snmp-server community ASA5505</P><P>snmp-server enable traps snmp authentication linkup linkdown coldstart</P><P>telnet timeout 5</P><P>ssh 192.168.1.110 255.255.255.255 inside</P><P>ssh 192.168.1.114 255.255.255.255 inside</P><P>ssh timeout 5</P><P>console timeout 0</P><P>dhcpd auto_config outside</P><P>!</P><P>dhcpd address 192.168.1.100-192.168.1.149 inside</P><P>dhcpd dns 64.89.70.2 64.89.74.2 interface inside</P><P>dhcpd enable inside</P><P>!</P><P></P><P>!</P><P>class-map inspection_default</P><P> match default-inspection-traffic</P><P>!</P><P>!</P><P>policy-map type inspect dns preset_dns_map</P><P> parameters</P><P> message-length maximum 512</P><P>policy-map global_policy</P><P> class inspection_default</P><P> inspect dns preset_dns_map </P><P> inspect ftp </P><P> inspect h323 h225 </P><P> inspect h323 ras </P><P> inspect rsh </P><P> inspect rtsp </P><P> inspect esmtp </P><P> inspect sqlnet </P><P> inspect skinny </P><P> inspect sunrpc </P><P> inspect xdmcp </P><P> inspect sip </P><P> inspect netbios </P><P> inspect tftp </P><P>!</P><P>service-policy global_policy global</P><P>webvpn</P><P>prompt hostname context </P><P>Cryptochecksum:1f035eed7192c5ef42cf50d5e477e8d3</P><P>: end</P><P></P></BODY></HTML> Fri, 08 Jun 2007 17:59:58 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776120#M1003613 thomas.estes 2007-06-08T17:59:58Z https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776121#M1003616 <HTML><HEAD></HEAD><BODY><P>That's a lot of pressure, haha, but yes it looks fine.</P></BODY></HTML> Fri, 08 Jun 2007 18:02:24 GMT https://community.cisco.com/t5/network-security/asa5505-newbie-t1-interface-multiple-public-ips/m-p/776121#M1003616 acomiskey 2007-06-08T18:02:24Z