05-20-2020 11:31 AM
We have to change our public IP address. Do I have to change it in the Firepower Management Center as well as the firewall ASA5508X
Solved! Go to Solution.
05-20-2020 11:57 AM
If the ASA is doing NAT and isn't administrated in the routing capacity through FMC - which I assume is the case because that configuration sucks to do - then no. Again, unless you have a policy that specifically references the old global, or some other rule that does so, you're square on the FMC.
05-20-2020 11:38 AM - edited 05-20-2020 11:41 AM
Without much information, I can only give a vague answer:
If you have the specification for the old address anywhere in these appliances (policies, control lists, NAT, etc.) and they are in-use, then yes. If something ahead of them NATs first then no.
Edit: I wanted to clarify. If you're using FMC to run the ASA and manage it, then no; you just need to update FMC's entry for the NAT.
05-20-2020 11:52 AM
All of my NAT's, addresses and polices are in the firewall and that is where I plan to edit them. Do I need to do anything to the FMC?
05-20-2020 11:57 AM
If the ASA is doing NAT and isn't administrated in the routing capacity through FMC - which I assume is the case because that configuration sucks to do - then no. Again, unless you have a policy that specifically references the old global, or some other rule that does so, you're square on the FMC.
05-20-2020 12:04 PM
Cool. I misunderstood. thank you.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide