Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
322
Views
0
Helpful
2
Replies

asa interface assignments

mialbert
Level 1
Level 1

‎10-30-2014 10:32 AM - edited ‎03-05-2019 12:04 AM

I have two public ip ranges from the isp that I’m assigning to my asa 5512.  One range is a /29 and the other range is a /26.  I’ve assigned the /29 as nameif outside and the /26 as nameif inside.  Are there any anamolies with this design.  I’m wondering if it would be better to assign the /29 as outside and use a private range for inside and then translate that to the /26.  It is currently working way it is but I’m wondering about whether it is worth changing it.  Thanks

Labels:
0 Helpful
2 Replies 2

Robert Falconer
Level 1
Level 1

‎11-03-2014 09:55 AM

Are you using the /26 public address space on your internal network?

Generally, the inside is going to be your private IP space and you use the /26 for public facing services on a DMZ and for outbound NAT purposes.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to Robert Falconer

‎11-04-2014 05:59 AM

I would agree that the usual approach is to use the /26 for address translation without assigning it to an interface or to use it in a DMZ. But if it is working ok currently assigned to the inside interface then it might not be worth changing it.

 

HTH

 

Rick

HTH

Rick
0 Helpful
Customers Also Viewed These Support Documents
Top