Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
725
Views
10
Helpful
5
Replies

Replace default getway of firewall to swith

tech44048
Level 1
Level 1

‎03-04-2021 06:28 AM

Hi Community,

We need to switch between adress of ASA and MS-250 we need to give the address of ASA (192.168.1.1) to MS-250 (192.168.1.3) and adress of MS-250 TO ASA
-We have intervlan (van 1,30,20,40) managed by MS-250 Switch
-We have a server that takes static IP and take 192.168.1.1(address of ASA )as gateway IP
-In ASA we create rules for exchange server (open port: pop/imap/SMTP), if we change the gateway, the rules still work?

We need our server and device in vlan 1 go through MS Switch not the Firewall

Thank you

Labels:
0 Helpful
5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

‎03-04-2021 06:37 AM

Then point the device to Switch as a gateway, add a static default route on switch  towards ASA.

 

From ASA add static route entries for 192.168.1.0/24 towards switch IP 192.168.1.3

Switch static route 192.168.1.1 (ASA)

device gateway 192.168.1.3

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

paul driver
VIP
VIP

‎03-04-2021 06:51 AM

Hello

Can you post a topology diagram please.


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

tech44048
Level 1
Level 1
In response to paul driver

‎03-04-2021 07:36 AM

Hi Paul,

 

to not change the default getway in all the server and device that take static rout ,just we need to replace ip of ASA(current getway192.168.1.1) with (MS-250 switch192.168.1.3)

topologie.png

 

Thank you

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to tech44048

‎03-04-2021 08:12 AM

thank you for the diagram - @Giuseppe Larosa suggests another option - other than my default reply.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎03-04-2021 07:33 AM

Hello @tech44048 ,

a clean design would require an additional VLAN like VLAN 50 for ASA to switch communication

VLAN 50 192.168.50.1/24 on ASA side and 192.168.50.2 on MS250 side

 

 

ASA ---- VLAN 50 ----    switch MS250 ---- VLAN 1-40

 

on ASA you will have

route 192.168.1.0 255.255.255.0 192.168.50.2 inside

route 192.168.20.0 255.255.255.0 192.168.50.2 inside

route 192.168.30.0 255.255.255.0 192.168.50.2 inside

route 192.168.40.0 255.255.255.0 192.168.50.2 inside

 

on switch

ip route 0.0.0.0 0.0.0.0 192.168.50.1

 

>> In ASA we create rules for exchange server (open port: pop/imap/SMTP), if we change the gateway, the rules still work?

 

Yes with the proposed setup the server will have def gateway 192.168.1.1 on switch and switch will route to ASA on new VLAN 50

 

Hope to help

Giuseppe

 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card