11-21-2011 08:44 AM - edited 03-04-2019 02:21 PM
Hi all,
I have a peculiar situation where I need to assign a public ip to a computer without going through firewall (for testing purpose).
I have the leased line going through a 3750 switch to the ASA 5510(15.240.1.2/30) belonging to vlan 999.
ASA has default route going to 15.240.1.1/30(ISP).
I have different public ip range for LAN and WAN
My WAN ip is 15.240.1.0/30, LAN ip range is 15.240.2.24/27 nated by ASA..
I want to connect the PC to the switch port belonging vlan 999 and ip address of 15.240.2.26/27.
My question is, Is there any way I can do this?
If yes, what will be the gateway for the computer?
I would really appreciate some help.
Thank you.
Solved! Go to Solution.
11-22-2011 12:35 AM
That's correct.
You can configure internal/trusted interface [ or any interface but outside] of the firewall with the address of 15.240.2.25/27 and disable NAT for this traffic.
Thanks.
11-21-2011 01:35 PM
Gateway will be 15.240.2.25 - an SVI on the switch.
HTH.
11-21-2011 09:48 PM
Hi,
Thanks for the reply.
All interfaces of the Switch are currently operating in layer 2 and routing is disabled.
1. I cannot assign SVI ip to vlan 999 since it is /30.
2. I cannot enable routing on switch.
I think it would be easier if I go through the asa firewall and disable NAT for the public ip of the pc.
What do you think?
11-22-2011 12:35 AM
That's correct.
You can configure internal/trusted interface [ or any interface but outside] of the firewall with the address of 15.240.2.25/27 and disable NAT for this traffic.
Thanks.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide