Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
921
Views
0
Helpful
3
Replies

Help installing a Cisco ASA 5505

carrgater
Level 1
Level 1

‎09-22-2012 06:53 AM - edited ‎03-11-2019 04:57 PM

Hi,

I'd like some advice configuring a Cisco ASA 5505 firewall.

In the office there is 1 x SBS 2008 server and 5 x PCs, all sat behind a Netgear DGN1000 ADSL router.

We want to implement a ASA 5505 for added security.

We have been given the following public static IP address:

x.x.x.217 to x.x.x.221

Default gateway x.x.x.222

Subnet mask 255.255.255.248

I have configured the internal interface of the Cisco ASA 5505 to be 192.168.0.1 - this is connected to local switch. The client PCs use 192.168.0.1 as their default gateway.

I have configured the external ASA 5505 interface to be x.x.x.217

There is a static router on ASA 5505

Interface          Outside

IP address        0.0.0.0

Mask               0.0.0.0

Gateway          x.x.x.218

Change the current router status from Router/Firewall/Modem to Modem only (Bridge mode). The ASA 5505 has its outside interface connected into one of the LAN ports of the netgear. The lan port has an IP of 192.168.0.254

All this is summarised in the document attached.

None of the PCs/server have any connection to outside world

Can anyone help?

Labels:
Preview file
46 KB
0 Helpful
3 Replies 3

rmanapat
Level 1
Level 1

‎09-22-2012 07:59 AM

It would be very helpful to troubleshoot your issue if you post your running config.

Thanks,

Russell

0 Helpful

nkarthikeyan
Level 7
Level 7

‎09-22-2012 01:35 PM

Hi Jonathan,

When you have route outisde any any is pointed to a public IP address x.x.x.218 and when you have the private zone IP which connects to the netgear box is configured on interface.... how it works....

ASA inside is 192.168.0.1 and that connects to a switch.. this is fine...

You should have public ip address x.x.x.217 on the outside interface and gateway as u said x.x.x.218. But you should have the NAT configured in place within the public IP address range provided by the ISP to make the internet work for you.

Please let me know if my understanding is wrong.

Please do rate if tge given information helps.

By

Karthik

0 Helpful

Sean Porterfield
Level 1
Level 1

‎09-24-2012 08:41 AM

First you say your ISP told you to use

> Default gateway x.x.x.222

Then you say you configured the ASA with

> Gateway          x.x.x.218

Set the ASA gateway to x.x.x.222 as instructed by your ISP.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card