07-21-2014 12:04 PM - edited 03-11-2019 09:30 PM
i'd like to change the outside address that my 5540 listens on for our ipsec vpn clients, where exactly do i change this? perhaps in nat rules (tcp 1000?) we have a /29 and i'd like to replace our pix that is serving as our vpn and would love to reuse that address so there is no config changes.
07-21-2014 07:54 PM
Maybe you can ask Cisco CCIE for help. If you don't know much about Cisco ASA 5540 firewall, maybe this can help you.
07-22-2014 05:36 AM
ok thanks, i'm somewhat familiar with the pix / asa firewalls as i have set ours up and manage it, but i thought this was the best place to put this!
09-18-2014 07:35 AM
Hi mgraham99,
You change the nat rule that associated with particular public address on which that service request come on for protocol 'esp' and 'ah'.
Hope that helps.
Thanks
Rizwan Rafeek
09-22-2014 01:08 PM
Rizwan, i actually figured it out today.
this is how i fixed it.
re created all VPN rules, new tunnel address range, and shut down the old pix. right after that i changed the outside global address of the 5540 to the pix global and everything transitioned smoothly!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide