07-10-2024 11:40 AM
Hello all,
I hope all is well.
I am working on a project in which I am configuring an ASA 5508-X firewall. I just wanted to gauge what peoples opinions on what is best practice.
In terms of the outside interface on the firewall should I configure it with:
1) Static ip address
2) Or let the interface lease an ip address from DHCP
Currently, it is leasing an ip address from DHCP.
Thank you
07-10-2024 11:42 AM
This not optional' it depend on SP you connect to
It can give you static Public IP to use or ask you to run ppppe or dhcp.
MHM
07-11-2024 09:27 AM
Many thanks for your input.
07-10-2024 11:45 AM
@neil0367389 In most deployments I use a static IP address for all firewall interfaces (inside, outside etc).
If your ISP gives you the same IP address via DHCP, then it would not matter if it is static or DHCP. However they may require you to use DHCP if you are not allocated the same IP address.
07-11-2024 09:28 AM
I was thinking something similar to what you have said thank you
07-11-2024 10:16 AM
This as I mention not optional
One issue you will face if you use static IP instead of using dhcp even if you receive same IP is defualt route
How you will know the next hop of default route if you use static IP?
Where if you use dhcp the ISP push defualt route with correct next hop to your FW.
So again contact ISP before applying any option
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide