cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3793
Views
0
Helpful
11
Replies

ASA 5506 IP Address and Interface BVI

saids3
Level 1
Level 1

Hello - 

I need to change the IP address from 192.168.1.1 to 10.209.133.1 

 

Also I see the unit is with BVI1 interface and the assign IP 192.168.1.1, 

 

The other interfaces is BVI also, do I need to change this prior change the IP address  

1 Accepted Solution

Accepted Solutions

Thank you for the help,
I have managed to change the IP using this command,
Config t
Configure factory-default IP address mask

View solution in original post

11 Replies 11

You can directly change the interface address. Just change it from dhcp to static and put in the new IP and mask. After that, you also have to add a static default route to your config.

Thank you for reply,, Is it like this?
Configure t
Int gig1/2
IP address new IP address + mask

Because right now i have all the interfaces on BVI,, do I need to change this?

Can you please illustrate this in steps?

It is very likely that you don't need a BVI for your outside connection. You could if you want but you don't have to.

If you decide not to use a BVI (probably I wouldn't) just go to the interface and change it.

Here is my current interfaces 

I have very basic knowledge about the ASA, 

 based on the attached picture can illustrate an example to change the IP from 192.168.1.1 to 10.209.133.1 

 

and also the static route 

You can directly edit the interface and change it.

Thank you for the reply, here is my current configuration,,, 

I need to change the current IP Address to (10.209.133.1) —-Can please edit highlight what needs to be changed? Thank you. 

NM2WCASA1# config t

NM2WCASA1(config)# show run

: Saved

 

 

!

interface GigabitEthernet1/1

nameif outside

security-level 0

ip address dhcp setroute

!

interface GigabitEthernet1/2

bridge-group 1

nameif inside_1

security-level 100

!

interface GigabitEthernet1/3

bridge-group 1

nameif inside_2

security-level 100

!

interface GigabitEthernet1/4

bridge-group 1

nameif inside_3

security-level 100

!

interface GigabitEthernet1/5

bridge-group 1

nameif inside_4

security-level 100

!

interface GigabitEthernet1/6

bridge-group 1

nameif inside_5

security-level 100

!

interface GigabitEthernet1/7

bridge-group 1

nameif inside_6

security-level 100

!

interface GigabitEthernet1/8

nameif inside_7

security-level 100

!

interface Management1/1

management-only

no nameif

no security-level

no ip address

!

interface BVI1

nameif inside

security-level 100

ip address 192.168.1.1 255.255.255.0

!

ftp mode passive

clock timezone GST 4

dns server-group DefaultDNS

domain-name omsaid.org

object network obj_any1

subnet 0.0.0.0 0.0.0.0

object network obj_any2

subnet 0.0.0.0 0.0.0.0

object network obj_any3

subnet 0.0.0.0 0.0.0.0

object network obj_any4

subnet 0.0.0.0 0.0.0.0

object network obj_any5

subnet 0.0.0.0 0.0.0.0

object network obj_any6

subnet 0.0.0.0 0.0.0.0

object network obj_any7

subnet 0.0.0.0 0.0.0.0

pager lines 24

logging asdm informational

mtu outside 1500

mtu inside_1 1500

mtu inside_2 1500

mtu inside_3 1500

mtu inside_4 1500

mtu inside_5 1500

mtu inside_6 1500

mtu inside_7 1500

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

no arp permit-nonconnected

arp rate-limit 16384

!

object network obj_any1

nat (inside_1,outside) dynamic interface

object network obj_any2

nat (inside_2,outside) dynamic interface

object network obj_any3

nat (inside_3,outside) dynamic interface

object network obj_any4

nat (inside_4,outside) dynamic interface

object network obj_any5

nat (inside_5,outside) dynamic interface

object network obj_any6

nat (inside_6,outside) dynamic interface

timeout xlate 3:00:00

timeout pat-xlate 0:00:30

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 sctp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

timeout floating-conn 0:00:00

timeout conn-holddown 0:00:15

timeout igp stale-route 0:01:10

user-identity default-domain LOCAL

aaa authentication ssh console LOCAL

aaa authentication http console LOCAL

aaa authentication login-history

http server enable

http 192.168.1.0 255.255.255.0 inside_6

http 192.168.1.0 255.255.255.0 inside_2

http 192.168.1.0 255.255.255.0 inside_3

http 192.168.1.0 255.255.255.0 inside_5

http 192.168.1.0 255.255.255.0 inside_1

http 192.168.1.0 255.255.255.0 inside_4

no snmp-server location

no snmp-server contact

service sw-reset-button

 

dhcpd auto_config outside

dhcpd option 3 ip 192.168.1.1

!

dhcpd address 192.168.1.5-192.168.1.150 inside

dhcpd dns 208.67.222.222 208.67.220.220 interface inside

dhcpd domain omsaid.org interface inside

dhcpd enable inside

!

dhcprelay timeout 60

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

dynamic-access-policy-record DfltAccessPolicy

!

class-map global-class

match any

!

!

policy-map global_policy

class global-class

  sfr fail-open

!

service-policy global_policy global

prompt hostname context

call-home reporting anonymous

: end

Any feedback please - I'm stuck with current IP 192.168.1.1

interface GigabitEthernet1/1
 ip address 10.209.133.1 255.255.255.0
!
route outside 0 0 10.209.133.X

The mask has to be adjusted on what you use on the outside interface. The route has to point to your next-hop router.

see the current configuration 

interface 1/1 - outside - 10.206.167.1

interface BVI1 - inside - 192.168.1.1

Hello - 

I can’t completed anyconnect configuration 

getting this error !! 
what I should do please 

Thank you for the help,
I have managed to change the IP using this command,
Config t
Configure factory-default IP address mask
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: