cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


806
Views
3
Helpful
4
Replies
Highlighted
Beginner

cannot connect to ASA after changing IP

I have one ASA which is for client VPN connections and site-to-site VPNs

I changed its IP address, now i'm not able to connect to it.

Here is the detail

vlan522 <=> SW1 <=> g0/48(10.40.251.2) <=> e0/1 (10.40.251.1) <=> FW1-ASA 5510

FW1-ASA 5510 has futher site-to-site VPNs and also client VPN for users to connect from outside, which authenticate from a LDAP server from INSIDE and also DHCP is on INSIDE.

* Now problem is i'm not able to ssh to ASA (10.40.250.1) but ping is working.

* and client VPN is not working, i'm able to ping LDAP/DHCP server from ASA.

attached configurations of switch and ASA.

Everyone's tags (6)
4 REPLIES 4
Rising star

cannot connect to ASA after changing IP

if you did not save the configuration changes just reload the device and you should recover previous configuration

The IP address on the ASA configuration points to 10.40.251.1, did you change this IP address to 10.40.250.1?

The reason that you would not be able to reach 10.40.250.1 would be because network layer 3 devices don´t know how to route to the ASA, log into console and change it back to what it was.

Why did you change this?

Value our effort and rate the assistance!
Beginner

cannot connect to ASA after changing IP

I added another ASA device and have to assign 10.40.250.1 to that device.

So i assigned 10.40.251.1 to this.

Sorry I did not understand what you are trying to say.

And also layer 3 device is connected to this ASA via G0/48 and there is a " directly connected" route to 10.40.251.1. So how does it not know the route.

Beginner

cannot connect to ASA after changing IP

Fixed it.

Problem was somehow the configurations went missing.

I added following conf and it is working fine now.

for ssh: ssh 10.40.0.0 255.255.0.0 inside

for VPN authentication server configuration was missing. Added following:

aaa-server vpn_bmeng_aaa (inside) host netservice

ldap-base-dn *******

ldap-group-base-dn ou=Technical

ldap-scope subtree

ldap-naming-attribute uid

ldap-login-password *****

ldap-login-dn ***********

server-type auto-detect

Also had to fix switch to route reverse traffic for VPN connected hosts to correct firewall.

Rising star

cannot connect to ASA after changing IP

Great to know that everything is working. Please rate our assistance.

Value our effort and rate the assistance!