cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2675
Views
0
Helpful
2
Replies

Changing subnet mask in an ASA interface

Hi,

We have an ASA 5520, working fine.

One of the interfaces is connected to users PCs and printers mainly. Last months the number of devices has grown rapidly, and we would like to make some changes in it in order for it to be able to host new devices.We thought on change subnet mask of actual subnet (10.0.2.0/24) to 10.0.2.0/23, so it can hold as many devices.

I understand I have to make some changes in the ASA, but my question is:

What will happend to the acces rules I have created?

Will I need to create them again?

There are some objects which carry information about subnet mask, so I suppose I will need to redefine them, but for those without any subnet mask information, will I have to redefine them?

Thank you very much for your answers.

Kind Regards.

David Fernandez

1 Accepted Solution

Accepted Solutions

Jennifer Halim
Cisco Employee
Cisco Employee

Your access rules will remain the same, you don't have to create them again. Access rule that has subnet mask of 255.255.255.0, you would need to change to 255.255.254.0 to cater for the additional host.

Your existing host, you would also need to change the subnet mask to match the ASA mask once you change it.

For those object which carry information on subnet mask, just change the subnet mask to the new one. Others without any subnet mask, you don't need to worry.

Hope that answers your question.

View solution in original post

2 Replies 2

Jennifer Halim
Cisco Employee
Cisco Employee

Your access rules will remain the same, you don't have to create them again. Access rule that has subnet mask of 255.255.255.0, you would need to change to 255.255.254.0 to cater for the additional host.

Your existing host, you would also need to change the subnet mask to match the ASA mask once you change it.

For those object which carry information on subnet mask, just change the subnet mask to the new one. Others without any subnet mask, you don't need to worry.

Hope that answers your question.

Hi Jennifer,

It quite well responds my question.Thank you very much.

So I will apply the new configuration.

Thank you very much and best regards.

David Fernandez.

Review Cisco Networking for a $25 gift card