Cisco Firewall :: DHCP Server Won't Enable - ASA 5505

Nov 1, 2012

I get the following message when appling "DHCPD ENABLE INSIDE"                  
 
DHCP: Interface 'INSIDE' is currently configured as CLIENT and cannot be changed to a SERVER by a SERVER feature
 
 This is an ASA 5505 Running 8.2.

View 14 Replies


ADVERTISEMENT

Cisco Firewall :: Configure DHCP Server On Inside Interface ASA 5505

May 9, 2012

We've just started with the ASA 5505. We do run a DHCP server on the inside interface, so it is in the same VLAN 1 as all of the clients. However, we cannot get it to work.We can't use DHCP Relay, as the ASA 5505 only allows to relay to DHCP servers in a different subnet.Or do we have to move the DHCP server to a different subnet. If so, how would we configure that scenario?

View 13 Replies View Related

Possible To Enable DHCP Server For Additional Routers

Mar 21, 2011

So far we add any router in the existing network simply by disabling DHCP server, and adding LAN ip for that. We don't add WAN detail at all in the additional routers. And plug one cable from main network to the LAN port of the additional routers.So we basically use that additional routers only as a access point for WIFI.But what I wonder is if it's possible for me to use the additional routers with the same feature as of the main routers i.e. Enabling DHCP server so that it too can give its own DHCP ip address.

View 2 Replies View Related

Cisco Switching/Routing :: 2950 - DHCP Server With Command To Enable It

May 4, 2012

I am wondering if it has its own DHCP router and if theres a command to enable it?Also Random side question. it hands out ip addresses to other devices (the 2950 im using infront of a router) but when I hook up another switch to this switch it doesnt initialize the port or try to connect? why.

View 1 Replies View Related

Cisco Firewall :: ASA5505 Disable DHCP On ASA And Enable On WNDR3700

May 13, 2013

I have ASA5505 as my main router (192.168.15.1) and it currently it also serves as DHCP server.  I have a WNDR3700 (192.168.15.2) which work as an access point and it provide wireless access for wireless devices.  I have few dhcp clients where i can't setup static IP, and i want to restrict them to use static IP through MAC reservation. 

1. Make ASA5505 to do the MAC reservation f, which will be easy setup for me.  But as per my search its not possible.

2. Disable dhcp on ASA and enable dhcp on my WNDR3700.  i tired this and dhcp clients are getting IP from wndr3700, but the problem is dhcp clients gateway defaults to 192.168.15.2 (as well as dns) and therefore no internet connection.

View 0 Replies View Related

Cisco Firewall :: How To Enable SSH With ASA 5505 Running 8.3(2)

Aug 2, 2011

I'm replacing a new ASA 5505 due to a corrupted flash.  On the original unit, I had the ability to SSH into the device using TeraTerm with no problems. While configuring the new device, I entered commands to enable SSH into the unit.

View 5 Replies View Related

Cisco Firewall :: Enable SIP From Outside To Inside (ASA 5505)

May 14, 2012

We recently purchases the Cisco ASA 5505 to get familiar with it, possibly buying more appliances for our branch offices. However, since the appliance is installed, our SIP telephones no longer register with our SIP service provider.
 
The SIP phones are all on 10.0.1.0/24 while the SIP provider is external via the outside network. I copied our configuration below. how to enable SIP for all 10.0.1.0/24 hosts and ports 5060, 5160, 5260, 5360?
 
gcxfw# show running-config
: Saved
:
ASA Version 8.4(3)

[Code].....

View 2 Replies View Related

Cisco Firewall :: To Enable Access To Use RealVNC On ASA 5505

Feb 27, 2011

I am trying to enable access to use RealVNC on our Cisco ASA 5505 without using VPN. RealVNC uses port 5900. Users should be able to vnc to 99.23.119.78 and reach our internal server 192.168.1.4. So far they are receiving connection refused.

View 5 Replies View Related

Cisco Firewall :: How To Enable DHCPD Logging In ASA 5505

Aug 11, 2011

I have configured dhcpd in an ASA 5505 and every thing is working. I am testing it to give me a warning when the address pool is about to be finished or it is empty. But don't konw how to do it. if I run the "debug dhcpd packet", i get that the address pool is empty.

View 3 Replies View Related

Cisco Firewall :: To Enable Anti Spoofing ASA 5505

Apr 24, 2011

What is Anti Spoofing in ASA 5505. Can I enable it on ASA 5505. If yes , port will be inside or Outside. ? or both ?

View 1 Replies View Related

Cisco Firewall :: ASA 5505 Enable Live Traffic?

Mar 14, 2012

I am currently troubleshooting a firewall policy on a ASA 5505. What command can enter in the CLI to enable live view of traffic been block and which traffic is been allow?In my experiences with other firewall vendors, other firewalls allow me to narrow down the source and destination, too. is there such thing on the ASA 5505?

View 6 Replies View Related

Cisco Firewall :: Enable Netflow On ASA 5505 For Vlan And Interfaces

May 17, 2013

How can i enable Netflow for each Vlan Or interface indvidually  in Cisco ASA? currently i have setup Netflow and only 2 interfaces are shwoing traffic for Netflow which are not even as my physical or Vlan interfaces . (see screen shot )
 
EscapeASA# sh interface ip brief
Interface                  IP-Address      OK? Method Status                Protocol
Internal-Data0/0           unassigned      YES unset  up                    up

[Code].....

View 9 Replies View Related

Cisco Firewall :: ASA 5505 - Enable Top Usage Tab On ASDM Dashboard?

Feb 3, 2011

Today I upgraded my Cisco ASA 5505 ASDM from version 6.34 to 6.41 cause of some problems on old version with NetFlow. But now when I switch to dashboard i can not see "Top Usage" tab. That was quite usefull for me. It simply disappeared.
 
Can i somehow configure which tabs are displayed on dashboard ? I really need that one and I do not want to downgrade :/

View 7 Replies View Related

Cisco Firewall :: ASA 5505 / Lost Enable Password For Spare Device?

Jul 13, 2011

Is there a way to restore the device to factory settings.  I tried the reset button with a paper clip.

View 2 Replies View Related

Cisco Firewall :: ASA 5510 - Enable External Access To Server On DMZ

Apr 5, 2011

i'' ve one appliance ASA 5510, v8.X and asdm 6X here u have my configuration :
 
interface Ethernet0/0 description Link To WAN nameif outside security-level 0 ip address 212.96.23.186 255.255.255.252!interface Ethernet0/1 description Link to LAN(forefront) nameif inside security-level 100 ip address 10.20.80.1 255.255.255.252!interface Ethernet0/2 description Link to CoreSW (DMZ) nameif DMZ security-level 50 ip address 10.70.70.254 255.255.255.0
  
i have on server ssh (10.70.70.10) on my DMZ .
 
I wan to enable my external user, i mean outside user to be able to access to this server which is in my DMZ for this port ( ssh)

View 4 Replies View Related

Cisco Firewall :: ASA 5505 - Proxy Server Send Register To Hosted Server Private IP Changed

Aug 23, 2011

We have Cisco ASA 5505 with ASDM 5.2 We have one Proxy server in our Local Lab and pointed to Hosted service(Simple Signal)issue is, When our proxy server send register to hosted server, ASA change private IP and post with outside IP and src port as 1063 every time.

Here is debug log on real time monitoring.
 
Aug 24 2011    05:21:19    302015    203.xxx.xxx.226    192.168.1.51     Built outbound UDP connection 3774 for outside:203.xxx.xxx.226/5060 (203.xxx.xxx.226/5060) to inside:192.168.1.51/27014 (99.119.161.107/1142)
Aug 24 2011    05:21:19    607001    203.xxx.xxx.226         Pre- allocate SIP Via UDP secondary channel for inside:192.168.1.51/27014 to outside:203.xxx.xxx.226 from REGISTER message
Aug 24 2011    05:21:19    710005    203.xxx.xxx.226    99.xxx.xxx.107     UDP request discarded from 203.xxx.xxx.226/5060 to outside:99.xxx.xxx.107/1063

Here 99.xxx.xxx.107 is Our ASA Outside IP address 203.xxx.xxx.226 is Hosted server IP address. My ASA config is attached.

View 2 Replies View Related

Cisco Firewall :: ASA 5505 DHCP With MAC IP

May 10, 2012

I'm using an ASA5505 with dhcpd.but i want to assign a specific IP address from the configured dhcp range to a specific PC.Is it possible to bind a specific ip to this particular PC's MAC address.

View 1 Replies View Related

Cisco Firewall :: Nat With Asa 5505 9.1x Comcast Dhcp?

May 17, 2013

Well its in this line but do i have to type in a ip even if comcast is giving me a dhcp address?

route outside 0.0.0.0 0.0.0.0 any 1 
=============================
hostname asa1
domain-name mydomain.com
enable password rwt5UQJihEq2/Qae encrypted
names
!
interface Vlan1

[code].....

View 4 Replies View Related

Cisco Firewall :: 3560G - Using ASA 5505 As DHCP

Dec 4, 2011

I am opening a small branch office in another state and the equipment we purchased is as follows:
 
ASA5505
3560G.
 
We'll use a site to site vpn but just in case there's connectivity issues I'd like to use the ASA as DHCP. So far I have a scope defined in the ASA and if I plug a laptop directly in I get an applicable IP address. I trunked the port on the switch that goes to the ASA but not the one on the ASA itself (license restriction) The VLAN that I'm using for my PC's has an ip helper address that is assigned to the inside IP of the ASA.

View 5 Replies View Related

Cisco Firewall :: 172.16.10.1 / Allow Traffic Through Firewall To DHCP Server

Jun 11, 2013

My setup is as below
 
inside host--> ASA1--Outside interface- layer_ 2_Switch1--outside interface--> ASA2--inside interface-DHCP SERVER.
 
We want that inside host should get ip from subnet 192.168.10.0 /24. This ip pool is configured in DHCP server (ip 172.16.10.1) which is connected to ASA2. There is no routing issue as we are able to ping DHCP srever 172.16.10.1 from ASA1. to do config needed on  ASA1 and ASA2 , so that host connected to ASA1 inside interface can get ip from DHCP srever. We have configured 192.168.10.1 /24 to ASA1 inside interface which will be gateway to inside host of ASA1.

View 6 Replies View Related

Cisco Firewall :: Configure Multiple Dhcp On ASA 5505?

Dec 23, 2011

I want to configure multiple DHCP pool on ASA. that I create like
 
int e0/2
no shut
 
interface Ethernet0/2.10vlan 10nameif inside10security-level 100ip address 192.168.10.1 255.255.255.0
interface Ethernet0/2.20vlan 20       nameif inside20 security-level 100ip address 192.168.20.1 255.255.255.0
dhcpd address 192.168.10.10-192.168.10.254 inside10dhcpd dns x.x.x.x  y.y.y.y interface inside10dhcpd enable inside10
dhcpd address 192.168.20.10-192.168.20.254 inside20dhcpd dns h.h.h.h  z.z.z.z interface inside20dhcpd enable inside20
 
I have following query...
 
1. int e0/2 work as trunk port, is it?  any special confiduration require other than dot1Q?
 
2. How can I configure inside interface?  is it like,

    access-group inside_access_in_1 in interface inside10
    access-group inside_access_in_1 in interface inside10
 
3. How can I configure static NAT ?
 
4. How can i configured inside route?
 
5. How can I configured default NATing?
 
6. On which interface I access ASA? currently using inside interface.

View 5 Replies View Related

Cisco Firewall :: ASA 5505 And 5510 DHCP Limitations?

Nov 17, 2011

Our company is planning to buy one of cisco ASA 55xx series.But there is still one question left about DHCP pool limitations.Here I found some information about licensing for DHCP on ASA 5505: [URL]In other words, we don't have any information about ASA 5510, which contains DCHP pool licensing.

View 9 Replies View Related

Cisco Firewall :: ASA 5505 / Unable To Get Internet When Using DHCP?

Jun 28, 2011

I found a tricky task for our ASA 5505 firewall. I am not able to go internet when using DHCP but I can access by using fixed IP address in client PC.Same IP, Same Mask, Same DNS, Same Gateway. All the same but no hope. Any configuration i missed in firewall?

View 5 Replies View Related

Cisco Firewall :: 5505 Doesn't Recognize Ip Address Dhcp

Apr 16, 2013

my 5505 running on version 8.2.5 doesn't seem to recogize the simple command "ip address dhcp setroute......"
 
ciscoasa(config-if)# ip address dhcp
^
ERROR: % Invalid Hostname
ciscoasa(config-if)# ip address ?  
 
configure mode commands/options:  Hostname or A.B.C.D  Firewall's network interface address

View 7 Replies View Related

Cisco Firewall :: ASA 5505-ISP Providing DHCP And Separate IP Block

Mar 12, 2011

I have a ASA 5505 that I have been using for a while, but a new ISP is trying to configure my service so that the outside interface has to be configured as DHCP to receive a reserved IP address, and then they will route a separate, non-contiguous block of addresses to that address.
 
Essentially, they have a DHCP reservation for 1.2.3.4 for my ASA, and then they have 10.2.3.16/28 as a separate block routed to me.
 
Obviously, I can do my static NAT translations using outside as the address, but I cannot get the separate block of addresses to route through the ASA. Is there a way to do this and get them to work? My ASA is running 7.2(2)

View 3 Replies View Related

Cisco Firewall :: Multiple DHCP Pool Configuration On ASA 5505

Oct 4, 2012

I want to configure multiple DHCP configuration on ASA 5505. I tried to create sub interface for different IP Pool but it was not configure on ASA 5505. is it possible to create subinterface on ASA 5505?
 
ASA 5505 IOS version: 8.3(1)
License: Security Plus

View 4 Replies View Related

Cisco Firewall :: ASA 5505 / ACL To Allow Email Traffic Only To DHCP Clients?

Nov 14, 2011

So here's what I think I should do to give email access only to a segment of addresses of my inside network.
 
1) Create a network object for 62 machines that will represent my dhcp clients.I plan to use 192.168.0.65-192.168.0.126. So I will use address 192.168.0.64 with netmask 255.255.255.192. Then set DHCP server to service this address range.
 
2) Create an ACL which will Permit Any to use tcp port 110 (pop3) to get to the outside. Which leads me to question #1:
 
How do I permit the source "Any" to communicate with "Any Less Secure Networks" like the implicit rule that gets zapped once I create new ACL? Is "Any Less Secure Network" implied by the "Any" destination?
 
3) Create an ACL which will Deny my DHCP range to talk to the outside.
 
4) Create an ACL which will Permit Any to talk to Any Less Secure Network(essentially recreating the implicit Permit ACL that got zapped).

View 1 Replies View Related

Cisco Firewall :: 5505 - Opening Ports On DHCP Outside ASA Interface

Feb 25, 2011

I am used to setting up access-lists on outside interfaces with ip addresses that are static. I have recently been given a site that is using a dyndns.org client for name to ip address resolution on an outside interface that is dhcp assigned. I created an access-list to open up ports 41794 and 41795 to an engineering application but everytime I try to connect from the outside I get a syn timeout. The application works when inside the lan. Basically I want to allow outside connections from anywhere on the outside to go to ports 41794 and 41795. I am running a Cisco ASA 5505 on version 7.2(4) Below is my conifg. what I may have misconfigured?
  
: Saved:ASA Version 7.2(4)!names!interface Vlan1 nameif inside security-level 100 ip address 172.31.2.1 255.255.255.0!interface Vlan2 nameif outside security-level 0 ip address dhcp setroute!interface Ethernet0/0 switchport access vlan 2!interface

[Code].....

View 5 Replies View Related

Cisco Firewall :: 5505 - Show Current IP Address Of Interface (dhcp)

May 8, 2012

Is there any way of showing the currently assigned ip address for an interface configured to use DHCP on an ASA 5505?

View 2 Replies View Related

Cisco Firewall :: ASA 5505 / DNS Not Resolving To New Machines On Network After Increasing DHCP?

Aug 14, 2012

I am having a very strange issue with connecting new machines to reach the internet.We have a ASA 5505 which the previous tech configured the DHCP pool to 192.168.1.60 - 192.168.1.110
 
We ended up reaching our limit which I changed it to: 192.168.1.60 - 192.168.187
 
Then next day when I arrived to work, our DC was hung from windows updates. Once we got everything back up, every computer currently on the network can reach the internet/VPN tunnels etc. So (continuing with my day) I created a new server in a VM (Hyper-V)I can ping everything internally (even the router) 192.168.1.1, but I cannot resolve DNS. I have configured a static IP, tried Dynamic IP.I have looked for any ACL indicating to block outside the range of the old DHCP pool but no luck.On my local maching I can ping the DNS addresses, but just not on the new server.

View 1 Replies View Related

Cisco Firewall :: ASA 5505 Not Giving Out DHCP To Clients / Only Discovery Packet?

May 3, 2012

My ASA 5505 has stopped giving out DHCP address to my machines.Everything was working fine and nothing has changed in the network. I've reloaded the firewall and clear all DHCP on the firewall I've even re-entered the cmd on the ASA.
 
I'm able to staticlly assigned address to the clients and all is way. When I do a DHCP debug on the ASA I don't see any events relating to the DHCP service apart from checking for lease expiry.
 
I've also tried to plug a machine straight into the ASA and no result. I finally did a packet capture and I am seeing the client machine sending out a DHCP discover packet and nothing else is responding.
 
My ASA config is:
 
dhcpd address 192.168.3.10-192.168.3.33 inside
dhcpd dns 8.8.4.4 interface inside
dhcpd option 3 ip 192.168.3.1 interface inside
dhcpd enable inside

View 7 Replies View Related

Cisco :: Two Asa Firewall Between Dhcp Client And Server?

Oct 19, 2012

Can I have two asa firewall between dhcp client and dhcp server. if yes what solution i have to have to get dhcp leases. should i have to configure dhcp relay on both the asa.

View 5 Replies View Related

Cisco Firewall :: ASA 5505 - Dual ISP SLA Track With Primary PPOE Secondary DHCP

Aug 25, 2011

Cisco ASA 5505 Security Plus 1 link with PPOE dialup for internet access
 
desirable situation: Primary link with a PPOE dialup Secondary Link with DHCP address Asignment
 
Problem: i want to configure Dual ISP Failover modus, but the problem exist when i configure  the ip sla syntax it looks good in the running config. but after a reload the secondary line becomes primary
 
It looks like the ppoe client authentication is busy when the ip sla tracking mechanism becomes active. can i tweak the settings that the ip sla tracking mechanism starts later?
 
What i the correct config for Dual ISP setup with primary PPOE and secondary DHCP

View 1 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved