cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5691
Views
10
Helpful
3
Replies

ASA 5515 - Move/migrate "nameif outside" to new interface

mschlenger
Level 3
Level 3

I am in the process of migrating to a new internet connection. Today, the ASA terminates the internet circuit in G0/0. The new internet connection terminates on a separate router.

 

Interface G0/0

description Internet Interface

nameif outside

ip address x.x.x.x 255.255.255.248 standby x.x.x.x

 

I want to migrate the nameif outside to a port-channel interface on the same ASA. Can you please help me identify how to best accomplish this without damaging the configuration? It is my understanding that if I issue a " no nameif outside" on g0/0, the configuration would be damaged.

 

Interface port-channel2.902

Description NTT_Internet_LAN

VLAN 902

nameif outside

Security-level 0

IP address x.x.x.x 255.255.255.248 standby x.x.x.x

1 Accepted Solution

Accepted Solutions

There is no simple way of doing this as all commands that reference the interface will be removed once you remove the nameif command from the interface.  You cannot name a second interface Outside so you have two options for doing this.

1. first option is to name the portchannel interface "outside2" or some other meaningful name.  Then copy all the configuration that references the outside interface and edit the name to outside2.

2. copy all configuration that references the interface name outside.  remove the nameif command from Gi0/0, then add nameif to the portchannel interface and copy the configuration that reference this interface back into the ASA.

--
Please remember to select a correct answer and rate helpful posts

View solution in original post

3 Replies 3

There is no simple way of doing this as all commands that reference the interface will be removed once you remove the nameif command from the interface.  You cannot name a second interface Outside so you have two options for doing this.

1. first option is to name the portchannel interface "outside2" or some other meaningful name.  Then copy all the configuration that references the outside interface and edit the name to outside2.

2. copy all configuration that references the interface name outside.  remove the nameif command from Gi0/0, then add nameif to the portchannel interface and copy the configuration that reference this interface back into the ASA.

--
Please remember to select a correct answer and rate helpful posts

Thank you for your response, I was hoping there was another way to accomplish this but it looks like I will just need to recreate/paste back in the config.

 

Thanks again

imayroam
Level 1
Level 1

Hi

I just had the same issue on a 5525X.

 

I tftp the config to my laptop, amended the interface configs, and tftp back to the startup config on the ASA.

Reload looks good, all rules are still there.

 

 

Cheers.

Review Cisco Networking for a $25 gift card