08-09-2018 03:51 AM - edited 02-21-2020 08:05 AM
Hi
I am deploying one Cisco 5506 firewall with the below configuration:
WAN IP :- Static Public IP ( 162.43.47.219)
LAN IP :- 192.168.0.4/24
Management Interface 1/1 - Security Level 0 / No IP address / enabled and connected to the same switch where the LAN side (192.168.0.4) is connected.
The LAN side switch is presently an L2 switch with default settings.
I have used 192.168.0.254/24 as the SFR IP; this IP is reachable from the LAN side and I am able to access the Firepower GUI using ASDM within the LAN successfully.
When I tried to access the firewall's outside IP (https://WAN-IP of firewall) from the public internet, it landed on ASDM and also popped up a new window asking me for the SFR IP and port; when I try 192.168.0.254 and port 443 (default), I am not able to access the SFR from outside.
Help me to access the SFR from the outside public internet the same way I do from inside the LAN.
Thanks
Amit
08-09-2018 05:53 AM - edited 08-09-2018 05:54 AM
Hello,
When you connect via ASDM, ASDM will spin up an additional TCP connection to the outside interface that is independent of the main ASDM connection. As a result, you will not be able to use the RFC 1918 address as the IP of the SFR. You will need an additional NAT that covers the 192.168.0.254 address and when prompted for the SFR address in ASDM, you will need to enter the public IP NAT-ed to your 192.168.0.254 address.
Hope that helps.
-A
08-09-2018 05:58 AM
Hi
Please provide me CLI commands to achieve this.
Thanks
Amit
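
An ASA configuration sketch of the additional NAT described in the reply above, added here as an example and not posted by anyone in the thread. It assumes the interfaces are named `inside` and `outside`; the object name, the ACL name, and the addresses 203.0.113.10 and 198.51.100.25 are placeholders.

```cisco
! Added example, not from the thread.
! Assumed names: interfaces "inside"/"outside", object SFR-MGMT, ACL OUTSIDE_IN.
! 203.0.113.10 (spare public address) and 198.51.100.25 (admin source) are placeholders.
!
! Option A: one-to-one static NAT of the SFR management address (from the thread)
! to a spare public address.
object network SFR-MGMT
 host 192.168.0.254
 nat (inside,outside) static 203.0.113.10
!
! Option B, used instead of Option A when the outside interface address is the
! only public IP: forward a separate outside port (8443 is an assumed choice),
! because 443 on that address already serves ASDM.
! object network SFR-MGMT
!  host 192.168.0.254
!  nat (inside,outside) static interface service tcp https 8443
!
! Permit HTTPS to the module only from the administrator's source address.
! From ASA 8.3 onward, interface ACLs match the real (pre-NAT) address and port.
access-list OUTSIDE_IN extended permit tcp host 198.51.100.25 object SFR-MGMT eq https
!
! Only needed if no ACL is bound to the outside interface yet; otherwise add
! the permit line above to the ACL that is already applied there.
access-group OUTSIDE_IN in interface outside
```

At the ASDM prompt for the SFR address, enter the mapped public address (and the forwarded port for Option B) instead of 192.168.0.254. `show nat detail` and `show xlate` confirm that the translation is installed and being hit.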