I need to change the outside address on a 515E and reset the tunnels on a working PIX. Can anyone please give me the step by step commands to achieve this? I'm pretty new at this and don't want to mess things up. Thanks
You'd probably get more responses in comp.dcom.sys.cisco .
If you are using Network Address Translation, changing the outside address is fairly simple on the 515E [which only runs PIX 5.x and PIX 6.x; the process can get a bit more complex on some of the other models that run PIX 7.x.]
enable show ip show route configure terminal no ip address outside XX.YY.ZZ.AA MM.MM.MM.MM ip address outside BB.CC.DD.EE NN.NN.NN.NN no route outside 0.0.0.0 0.0.0.0 XX.YY.ZZ.BB route outside 0.0.0.0 0.0.0.0 BB.CC.DD.FF NN.NN.NN.NN
Test, and when you are ready to save this permanently,
write memory
If you are using certificates, may need to get a new certificate.
You might have some additional configuration steps if your outside IP range is changing completely:
show global show static show nat
If you see any "nat 0" *without* an "access-list", or see any static commands that reference the old range, or if you see any global commands referencing the old range, then you will need to update those commands. Also, if you have static that refer to your outside address,
show access-group
and have a look at the access-lists named there to see if they refer to any outside IPs; if they do, you may have some ACL updating to do.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.