cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
760
Views
5
Helpful
2
Replies

Assigning multiple external IPs on a single Cisco ASA 5510 interface

patelparth3
Level 1
Level 1

I have cisco ASA 5510. I want to know if I can configure two or multiple ip address on the same interface at a time or not.

The scenario is like this:

I have 5 public IP addresses : 45.X.X.0/29 

There are 4 physical interface: e0/0, e0/1, e0/2 and e0/3.

e0/0: 
     name: Outside
     ip add : 45.X.X.2/29

e0/1:
     name: Users
     ip add: 192.168.1.0/24

e0/2:
     name: Servers
     ip add: 192.168.2.0/24

I want the users on lan 192.168.1.0/24 should use 45.X.X.2 for accessing internet or I would say 1.0/24 use dynamic nat with 45.X.X.2. However, now say I want servers on lan 192.168.2.0/24 should use 45.X.X.3 for accesing internet. Currently, both 1.0/24 and 2.0/24 are configured to use 45.X.X.2 for accesing internet.

So, is it possible I can configure 45.X.X.2 and 45.X.X.3 on e0/0 interface ?

PS: Cisco ASA is running ver 7.2

1 Accepted Solution

Accepted Solutions

ok..So the NAT configuration on my Cisco ASA ver 7.2 is:

 

global (outside) 10 interface

nat (inside_lan_1) 10 192.168.1.0 255.255.255.0

nat (inside_lan_2) 10 192.168.2.0 255.255.255.0

 

But now according to your suggestion, my configuration should be like this:

 

global (outside) 10 45.X.X.2

global (outside) 20 45.X.X.3

nat (inside_lan_1) 10 192.168.1.0 255.255.255.0

nat (inside_lan_2) 20 192.168.2.0 255.255.255.0

 

Is this the correct configuration ?

View solution in original post

2 Replies 2

Dennis Mink
VIP Alumni
VIP Alumni
You dont need to explicitly put all public ips on your outside interface. One is enough. After that use NAt statements for the other IP addresses. This will make the firewall respond to arp requests for these public ips
Please remember to rate useful posts, by clicking on the stars below.

ok..So the NAT configuration on my Cisco ASA ver 7.2 is:

 

global (outside) 10 interface

nat (inside_lan_1) 10 192.168.1.0 255.255.255.0

nat (inside_lan_2) 10 192.168.2.0 255.255.255.0

 

But now according to your suggestion, my configuration should be like this:

 

global (outside) 10 45.X.X.2

global (outside) 20 45.X.X.3

nat (inside_lan_1) 10 192.168.1.0 255.255.255.0

nat (inside_lan_2) 20 192.168.2.0 255.255.255.0

 

Is this the correct configuration ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: