1. Home
  2. Cisco Systems
  3. Setup ASA5505

Setup ASA5505

Hi All,

I relatively new to ASA5505 devices, but I try to understand the following: My ISP provides me with 4 static IP's in a so call routed subnet, so no NAT is available. I don't understand how to setup a internet connection for the inside network. Let me explain. My ADSL modem provides four utp connections all responsible for one external IP address. To connect to the internet I setup an Linksys device (RV042) connected to one port of my ADSL modem. To set it up I must configure a static WAN IP, a subnet and a (external and in the same range) gateway. Works fine!

I would like to setup Remote Access by VPN, using VPN client software, but I don''t understand how to configure my ASA5505 to connect the internal network (behind the ASA) with the external (internet). Do I have to use the RV042 linksys between, or can I connect my ASA directly to my ADSL modem? Is it possible to use my ASA when only routed subnet is available?

Using the Cisco ASDM utility I see it's possible to setup port '0' as an Outside port, connecting to an external network (internet), and it is possible to set it up for an static IP, but to connect it properly to my ADSL modem it needs an gateway IP aswell...what isn't possible... So I'm stuck in the mud now.... Any help is welcome!

Reply to
Tim Roelands
Loading thread data ...

Yes. Actually as we have explained you don't need the Linksys. One question though is what is the subnet mask for those IP addresses? If the subnet is 255.255.255.252 (a /30 subnet), then you actually only have 2 routable addresses, the first and last of the addresses (making up the 4 addresses) are not usable addresses. This is very important to understand in your network design.

Take the following example which I have here on my system:

I am given a routed subnet of xx.xx.xx.1/28. I configure the ADSL router to be on the first address, which as the first address in my subnet is not usable, I gave it xx.xx.xx.2. I now configure the outside IP address of the ASA 5505 to have a static IP of xx.xx.xx.3, and the default gateway of xx.xx.xx.2. My inside interface has the default IP address of 192.168.1.1, with a subnet mask of 255.255.255.0 (/24). The default configuration of the ASA is using the PAT feature to allow all traffic to come out, and the IP address that it appears on it xx.xx.xx.3. Now, I can do other things with the rest of my IP addresses, but it depends on your configuration.

Since the ASA will have a public IP address, you can open up such things as the VPN server, without having the Linksys in the way.

Hope this helps. Andrew.

Reply to
Andrew Hodgson

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.