Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2013
Views
0
Helpful
3
Replies

Pass Public IP through ASA5505

Go to solution
david_mundt
Beginner
Beginner

‎11-26-2019 09:01 AM - edited ‎02-21-2020 09:43 AM

I've got a client with an old ASA5505 (Cisco Adaptive Security Appliance Software Version 8.4(4) Device Manager Version 6.4(9) and they have 5 public IPs. I've natted one of the public IPs to the inside address of a SimpleWAN firewall. The SimpleWAN errors out when it sees the natted traffic so if it is possible I'd like to assign one of my public IPs to the SimpleWAN and allow all that traffic to pass through the ASA.

 

Is this config possible? Thank you in advance for your assistance. 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP Master VIP Master
VIP Master
In response to david_mundt

‎11-26-2019 03:07 PM

What I meant was acquire another public IP subnet and route that through the ASA, as you can't route the spare IP address of a network defined on the outside of the ASA to the inside of the ASA.

Alternatively if you say the SimpleWAN device is a firewall, move it's outside interface to the outside of the ASA, by plugging the router, ASA and SimpleWAN device into a layer 2 switch. This does mean the SimpleWAN firewall will not be behind the ASA, but that's all you can do without acquiring another public IP range.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rob Ingram
VIP Master VIP Master
VIP Master

‎11-26-2019 01:48 PM

Hi,
You get an IP subnet from your ISP and just route through to the SimpleWAN device.
HTH
0 Helpful

Go to solution
david_mundt
Beginner
Beginner
In response to Rob Ingram

‎11-26-2019 02:57 PM

This is precisely what I want to do. My question is I've only got 1 block of 5, 4 of which are being used on my ASA. I want to know if I can assign the simple wan interface the remaining IP and route to it through an interface on the ASA.
0 Helpful

Go to solution
Rob Ingram
VIP Master VIP Master
VIP Master
In response to david_mundt

‎11-26-2019 03:07 PM

What I meant was acquire another public IP subnet and route that through the ASA, as you can't route the spare IP address of a network defined on the outside of the ASA to the inside of the ASA.

Alternatively if you say the SimpleWAN device is a firewall, move it's outside interface to the outside of the ASA, by plugging the router, ASA and SimpleWAN device into a layer 2 switch. This does mean the SimpleWAN firewall will not be behind the ASA, but that's all you can do without acquiring another public IP range.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents