Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1658
Views
5
Helpful
4
Replies

Firepower Management Center and Public Address

Go to solution
haggittmark@tm-america.com
Level 1
Level 1

‎05-20-2020 11:31 AM

We have to change our public IP address. Do I have to change it in the Firepower Management Center as well as the firewall ASA5508X

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Steven Case
Level 1
Level 1
In response to haggittmark@tm-america.com

‎05-20-2020 11:57 AM

If the ASA is doing NAT and isn't administrated in the routing capacity through FMC - which I assume is the case because that configuration sucks to do - then no. Again, unless you have a policy that specifically references the old global, or some other rule that does so, you're square on the FMC.

View solution in original post

4 Replies 4

Go to solution
Steven Case
Level 1
Level 1

‎05-20-2020 11:38 AM - edited ‎05-20-2020 11:41 AM

Without much information, I can only give a vague answer:

 

If you have the specification for the old address anywhere in these appliances (policies, control lists, NAT, etc.) and they are in-use, then yes.  If something ahead of them NATs first then no.

 

Edit:  I wanted to clarify. If you're using FMC to run the ASA and manage it, then no; you just need to update FMC's entry for the NAT.

0 Helpful

Go to solution
haggittmark@tm-america.com
Level 1
Level 1
In response to Steven Case

‎05-20-2020 11:52 AM

All of my NAT's, addresses and polices are in the firewall and that is where I plan to edit them.  Do I need to do anything to the FMC?

 

0 Helpful

Go to solution
Steven Case
Level 1
Level 1
In response to haggittmark@tm-america.com

‎05-20-2020 11:57 AM

If the ASA is doing NAT and isn't administrated in the routing capacity through FMC - which I assume is the case because that configuration sucks to do - then no. Again, unless you have a policy that specifically references the old global, or some other rule that does so, you're square on the FMC.

Go to solution
haggittmark@tm-america.com
Level 1
Level 1
In response to Steven Case

‎05-20-2020 12:04 PM

Cool.  I misunderstood. thank you.

0 Helpful
Customers Also Viewed These Support Documents