
Then along comes your OUTSIDE vlan and wants that IP and it won't even talk to it. If the first person it's going to meet is eth0/0.

The problem with this is that your eth0/0 has a MAC address and your OUTSIDE vlan has another (different) MAC address. It identifies the device it meets by its MAC address. Almost all of these devices marry the first device they meet. Your cable / FiOS / DSL modem most likely only has 1 public IP to hand out.

This is the first hit on Google and it hasn't been completely answered, so I will leave these instructions here for anyone else that needs it (including me next time this happens). Every time I research it I find dozens of dead ends and that Ars article about the guy who had this issue, couldn't figure it out so he dropped his ASA off his balcony. I've run into this issue several times and it seems I keep forgetting the answer.

See other config examples for Dynamic to Static L2L VPNs between PIX/ASA to IOS under site-to-site VPNs. Have a look at this link for Dynamic to static L2L tunnel.

As for obtaining DNS from the outside interface to pass to the inside, I believe you use dhcpd auto_config outside but I'm not 100% sure - have not faced this particular scenario, perhaps someone can confirm or just give it a try.

For your other request in creating an IPsec tunnel between a dynamic ASA to another PIX or IOS router, sure you can do it, as long as the other end of the tunnel uses static. On the ASA outside interface, set it to dhcp with a setroute parameter to obtain an IP from the ISP provider and have the ASA define the default route.
