Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Need help on ASA 5505, I am new on ASA ..Thank you

Need help on ASA 5505, I am new on ASA ..Thank you 7 years 5 months ago #30271

Dear Gurus,

I am new on configuring ASA5505 I am not using ASDM, I am using the CMD, what I have is the following and please guid me or let me know what should I do next.

The ISP provided us with 5 public IPs X.X.246.17 to x.x.246.22
-I am connecting a Internst DSL IP address X.X.246.17 To the ASA5505 outside interface (ip address x.x.246.18)VLAN2
-I am connecting the inside interface ( of the firewall to the Cisco3560 Switch e0/24. the switch default GW is which is the router fe 0/1.
-The router is connected to the 3560 switch fe 0/23 via the router fe0/1( .
my qustion will be to be able to access the internet what routing do I need on each device?
what I think:
ASA routing should be the DSL IP address.
the switch should be the Inside interface of the firewall
the router should be also the inside interface of the firewall,

please help me and if you need additional information I will be happy to provide you with more.
The administrator has disabled public write access.

Re: Need help on ASA 5505, I am new on ASA ..Thank you 7 years 5 months ago #30272

  • r0nni3
  • r0nni3's Avatar
  • Offline
  • Distinguished Member
  • Posts: 107
  • Karma: 0
So if im correct this is how your network looks:

If thats the case your router should have a default route to the inside interface of the ASA.

For all the networks connected to the switch you would have to make static routes (or use a routing protocol) that point to the interface of the router.
For example:

route inside

The network here is a network connected to the switch. Wich the router also has a route for.

I only have one question tho. Why do you use a router ? It's better to have you switch route (given it is a layer 3 switch). Letting the switch route will reduce the amount of hops a packet needs to take wich results in a lower delay and less network traffic.
Currently working as Cisco Engineer at Neon-Networking.

CCNA - Have it
CCNA Security - Have it
CCSP - Almost!!!!
CCIE Security - Not so far away dream
The administrator has disabled public write access.
Time to create page: 0.072 seconds


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup