Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
63476
Views
29
Helpful
17
Replies

Multiple public IP Addresses on ASA 5505?

Douglas Sensenig
Level 1
Level 1

‎09-09-2011 01:11 PM - edited ‎03-11-2019 02:23 PM

Hi

Is it possible to two or more public IP Addresses bound to a Cisco ASA 5505 running 8.4(2). If so, how?

Thanks in advance for your help with my request.

d

Labels:
0 Helpful
17 Replies 17

FlorianCokl
Level 1
Level 1

‎06-23-2013 05:34 AM

Hello Douglas,

you don't need to assign multiple IP-addresses - the trick is the MASK besides that you tell ASA where to find the default gateway.

The rest is icing on a cake, and you achive this with the help of NAT.

Lets say you're provided a network with a mask of 255.255.255.248, then nets, or subnets, jump on the number 8.

  • 1. net: X.X.X.0, with 7 being the broadcast, 1 the first usable (usually the DFGW) leaving you 5 addresses
  • 2. net: X.X.X.8, with 15 being the broadcast, 9 the first usable leaving you 5 addresses
  • 3. net: X.X.X.16, with 23 being the broadcast, 17 the first usable, leaving you 5 adresses
  • and so forth

Lets take the 3rd example here, and configure the outside interface with a mask of 255.255.255.248 and the address of X.X.X.18 (the first usable besides the DFGW), or X.X.X.22 (the last usable if 17 was taken by the DFGW) - we stick with 18.

  • If you want your mail to be available through X.X.X.19 create a NAT-rule where you reference from the inside (IP of your server etc.) to the outside with the address X.X.X.19 (create a object like "WAN-ADDRESS-19" and give it the address X.X.X.19, and don't forget the ACLs!).
  • If you want your webservices to be available through X.X.X.20 create a NAT-rule where you reference from the inside (IP of your server etc.) to the outside with the address X.X.X.20 (create a object like "WAN-ADDRESS-20" and give it the address X.X.X.20, and don't forget the ACLs!).

That all works through 1 cable, 1 interface assigned with the right MASK

Hope that clears the skys?

Pls, rate right answers!

Douglas Sensenig
Level 1
Level 1
In response to FlorianCokl

‎06-25-2013 02:52 PM

I appreciated you taking the time to answer my question.

d

0 Helpful

FlorianCokl
Level 1
Level 1
In response to Douglas Sensenig

‎10-14-2015 07:01 AM

Hi Douglas,

do you still need help with ASA, NAT, ACL, reachability from outside?

cheers

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card