(I don’t know how to send the vpn users to the CISCO881, to Access to the Data Servers, Printes, and IP PBX System). I try to connect the ASA in my network, and all the Internet traffic flows to and from the CISCO881, without problems, but my VPN Users, (That now are connected in the ASA5505), can’t go more further than the Firewall. With this scenario, What do you suggest? To Configure the firewall as a real ASA (With different levels of Interfaces, working in a diferent network, or to connect it in a transparent mode? Something like this: ISP ROUTER IN BRIDGE MODE >-> ASA5505 WITH PPoE FOR ADSL >-> CISCO881 ……THE REST OF THE NETWORK.
Now, I want to connect an ASA5505 with base license at the beggining of the network, between the ISP Router and my CISCO881. I segment my network with the help of the CISCO881, with 5 VLAN’s (For VoIP, Servers, Guest, VPN Users, Etc.) All this runs perfect!.
ISP ROUTER IN BRIDGE MODE >-> CISCO881-SEC-K9 WITH PPoE FOR ADSL >-> SWITCHES >-> IP PHONES – PC – PRINTES AND SERVERS. Hi!, I purchased your books to configure the ASA5505. What you can do is to use ASDM and change the inside IP address range of the ASA and make it for example 192.168.2.0/24. You must have different IP subnets between inside and outside of the ASA. The HTTP server is enabled for ASDM and is accessible to users on the 192.168.1.0 network.īecause the ASA outside interface will receive an IP address in the range 192.168.1.x from the W20, this IP range is the same as the inside interface of the ASA.The DHCP server is enabled on the security appliance, so a PC connecting to the VLAN 1 interface receives an address between 192.168.1.2 and 192.168.1.254.By default, inside users can access the outside, and outside users are prevented from accessing the inside.All inside IP addresses are translated when accessing the outside using interface PAT.
Step 5: Configure PAT on the outside interfaceĪSA5505(config)# global (outside) 1 interfaceĪSA5505(config)# nat (inside) 1 0.0.0.0 0.0.0.0įrom March 2010, Cisco announced the new Cisco ASA software version 8.3. Step 4: Enable the rest interfaces with no shut Step 2: Configure the external interface vlan (connected to Internet)ĪSA5505(config-if)# ip address 200.200.200.1 255.255.255.0ĪSA5505(config-if)# switchport access vlan 2 Notice from the diagram that port Ethernet0/0 connects to the Internet, and ports Ethernet0/1 to 7 connect to internal hosts (PC computers etc). The diagram below illustrates the network topology for the configuration setup that we will describe. Let’s see the basic configuration setup of the most important steps that you need to configure.
That is, you can not configure the physical ports as Layer 3 ports, rather you have to create interface Vlans and assign the Layer 2 interfaces in each VLAN.īy default, interface Ethernet0/0 is assigned to VLAN 2 and its the outside interface (the one which connects to the Internet), and the other 7 interfaces (Ethernet0/1 to 0/7) are assigned by default to VLAN 1 and are used for connecting to the internal network.