cannot connect to ASA after changing IP

sysadmin
Level 1

I have one ASA which is for client VPN connections and site-to-site VPNs

I changed its IP address, and now I'm not able to connect to it.

Here is the detail

vlan522 <=> SW1 <=> g0/48(10.40.251.2) <=> e0/1 (10.40.251.1) <=> FW1-ASA 5510

FW1-ASA 5510 has further site-to-site VPNs and also client VPN for users to connect from outside, which authenticate from an LDAP server on INSIDE; DHCP is also on INSIDE.

* Now the problem is I'm not able to SSH to the ASA (10.40.250.1), but ping is working.

* And client VPN is not working; I'm able to ping the LDAP/DHCP server from the ASA.

Attached are the configurations of the switch and ASA.

4 Replies

jumora
Level 7

If you did not save the configuration changes, just reload the device and you should recover the previous configuration.

The IP address on the ASA configuration points to 10.40.251.1, did you change this IP address to 10.40.250.1?

The reason that you would not be able to reach 10.40.250.1 would be because network layer 3 devices don't know how to route to the ASA. Log into the console and change it back to what it was.

Why did you change this?

Value our effort and rate the assistance!

I added another ASA device and have to assign 10.40.250.1 to that device.

So I assigned 10.40.251.1 to this.

Sorry, I did not understand what you are trying to say.

And also the layer 3 device is connected to this ASA via G0/48 and there is a "directly connected" route to 10.40.251.1. So how does it not know the route?

sysadmin
Level 1

Fixed it.

Problem was somehow the configurations went missing.

I added the following conf and it is working fine now.

For SSH:

    ssh 10.40.0.0 255.255.0.0 inside

For VPN, the authentication server configuration was missing. Added the following:

    aaa-server vpn_bmeng_aaa (inside) host netservice
     ldap-base-dn *******
     ldap-group-base-dn ou=Technical
     ldap-scope subtree
     ldap-naming-attribute uid
     ldap-login-password *****
     ldap-login-dn ***********
     server-type auto-detect

Also had to fix switch to route reverse traffic for VPN connected hosts to correct firewall.
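A check for the two gaps described in the post above (ping answers but SSH is refused because no `ssh` permit line covers the management network; VPN logins fail because the referenced AAA server group has no host entry), as an added example that is not part of the original thread. The config fragments, the tunnel-group name `VPN_USERS` and the management address 10.40.22.15 are constructed for illustration.

```python
import ipaddress
import re

# Constructed running-config fragments (not the poster's attachments).
# The tunnel-group name VPN_USERS is hypothetical.
BROKEN = """\
interface Ethernet0/1
 nameif inside
 ip address 10.40.251.1 255.255.255.0
tunnel-group VPN_USERS general-attributes
 authentication-server-group vpn_bmeng_aaa
"""

FIXED = BROKEN + """\
ssh 10.40.0.0 255.255.0.0 inside
aaa-server vpn_bmeng_aaa (inside) host netservice
 ldap-scope subtree
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
SSH_RE = re.compile(rf"^ssh\s+{IP}\s+{IP}\s+(\S+)\s*$", re.M)
AUTH_REF_RE = re.compile(
    r"^\s*authentication-server-group\s+(?:\(\S+\)\s+)?(\S+)", re.M)
AAA_HOST_RE = re.compile(r"^aaa-server\s+(\S+)\s+\(\S+\)\s+host\s+\S+", re.M)


def ssh_allowed(config: str, src_ip: str, ifname: str) -> bool:
    """True if an 'ssh <net> <mask> <ifname>' line permits src_ip on ifname."""
    src = ipaddress.ip_address(src_ip)
    for net, mask, iface in SSH_RE.findall(config):
        allowed = ipaddress.ip_network(f"{net}/{mask}", strict=False)
        if iface == ifname and src in allowed:
            return True
    return False


def missing_aaa_groups(config: str) -> set:
    """Server groups referenced for VPN authentication that have no host entry."""
    referenced = set(AUTH_REF_RE.findall(config)) - {"LOCAL"}  # LOCAL is built in
    defined = set(AAA_HOST_RE.findall(config))
    return referenced - defined


if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, "| ssh from 10.40.22.15:",
              ssh_allowed(cfg, "10.40.22.15", "inside"),
              "| AAA groups without a host:", sorted(missing_aaa_groups(cfg)))
```

Running it against a saved copy of the running-config before and after an interface change shows whether the management permit lines and AAA host entries survived.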

Great to know that everything is working. Please rate our assistance.
