- Posts: 500
- Thank you received: 0
The famous ASA5505
15 years 6 months ago #30622
by ZiPPy
ZiPPy
The famous ASA5505 was created by ZiPPy
I see many posts on the ASA5505, many answered and a few unanswered.
I'm curious to know how people set them up with dynamic IP's? I'm pretty sure not everybody is lucky enough to have a static IP address. Are people just inputting there current ISP given dynamic IP and changing it on the firewall as the ISP generates a new one? If so, that means that the entire network will be down for that "x" amount of time until you change it.
On a PIX firewall, you can change the IP accordingly but of course you will experience downtime. I know many people use the ASA5505 as there primary firewall, so I'd be curious to know how they handle it.
Using the Fortinet Fortigate firewall product line, you are required to enter the IP/Netmask which only the ISP can provide. Is this valid? I would think you could just figure out the netmask on your own. This is also dealing with the notion of dynamic IPs.
This is a deciding factor for both my friend and I purchasing ASA firewalls. I hope to have a static IP one day, a block of 8 would be nice, but until then I have to deal/manipulate/run-around/make use of dynamic IP's.
Cheers,
ZiPPy
I'm curious to know how people set them up with dynamic IP's? I'm pretty sure not everybody is lucky enough to have a static IP address. Are people just inputting there current ISP given dynamic IP and changing it on the firewall as the ISP generates a new one? If so, that means that the entire network will be down for that "x" amount of time until you change it.
On a PIX firewall, you can change the IP accordingly but of course you will experience downtime. I know many people use the ASA5505 as there primary firewall, so I'd be curious to know how they handle it.
Using the Fortinet Fortigate firewall product line, you are required to enter the IP/Netmask which only the ISP can provide. Is this valid? I would think you could just figure out the netmask on your own. This is also dealing with the notion of dynamic IPs.
This is a deciding factor for both my friend and I purchasing ASA firewalls. I hope to have a static IP one day, a block of 8 would be nice, but until then I have to deal/manipulate/run-around/make use of dynamic IP's.
Cheers,
ZiPPy
ZiPPy
- skepticals
- Offline
- Elite Member
Less
More
- Posts: 783
- Thank you received: 0
15 years 6 months ago #30648
by skepticals
Replied by skepticals on topic Re: The famous ASA5505
You can have the ASA create the default route based on DHCP, so it should change with the dynamic IP.
15 years 6 months ago #30679
by Blake
Replied by Blake on topic Re: The famous ASA5505
Your config in the ASA would look something like this....
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute (<---What your looking for)
Then the Interface
interface Ethernet0/0
switchport access vlan 2
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute (<---What your looking for)
Then the Interface
interface Ethernet0/0
switchport access vlan 2
Time to create page: 0.120 seconds