Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Don Ely 
I was busy picking my jaw up off of the floor...

On Wed, Nov 3, 2010 at 7:28 PM, Andrew S. Baker  wrote:

> We were too busy shaking our heads... :)
>
> j/k
>
>
>  *ASB *(My XeeSM Profile) <http://xeesm.com/AndrewBaker>
> *Exploiting Technology for Business Advantage...*
> * *
>
>
>
> On Wed, Nov 3, 2010 at 3:37 PM, Raper, Jonathan - Eagle <
> jra...@eaglemds.com> wrote:
>
>>  I’m just glad I caught it and corrected myself before someone else did!
>>
>>
>>
>> J
>>
>>
>>
>> Jonathan L. Raper, A+, MCSA, MCSE
>> Technology Coordinator
>> Eagle Physicians & Associates, PA*
>> *jra...@eaglemds.com*
>> *www.eaglemds.com
>>  --
>>
>> *From:* Jon D [mailto:rekcahp...@gmail.com]
>> *Sent:* Wednesday, November 03, 2010 3:21 PM
>>
>> *To:* NT System Admin Issues
>>  *Subject:* Re: Connecting an ASA Firewall directly to internet ethernet
>> dropoff ?
>>
>>
>>
>> lol. Awesome. Got it. Thanks Jonathan.
>>
>>
>>
>>
>>
>> Jon
>>
>> On Wed, Nov 3, 2010 at 1:15 PM, Raper, Jonathan - Eagle <
>> jra...@eaglemds.com> wrote:
>>
>> I don’t know how I did that, but I just thoroughly fouled that up…not
>> thinking clearly at all…
>>
>>
>>
>> Head desk...about 10 times… I apologize for any confusion my previous
>> email may have caused. Corrected information in yellow follows (and has been
>> deleted from my email below).
>>
>>
>>
>> Bit placeholder
>>
>> 8
>>
>> 7
>>
>> 6
>>
>> 5
>>
>> 4
>>
>> 3
>>
>> 2
>>
>> 1
>>
>> Bit value
>>
>> 128
>>
>> 64
>>
>> 32
>>
>> 16
>>
>> 8
>>
>> 4
>>
>> 2
>>
>> 1
>>
>>
>>
>> 255.255.255.0 really equals…
>>
>>
>>
>> ...
>>
>>
>>
>> In your email, you mention a CIDR of /29, which really means a subnet mask
>> of 255.255.255.248, which really means…
>>
>>
>>
>> ...1000
>>
>>
>>
>> Also, CIDR/30 = 255.255.255.252 = ...1100
>>
>>
>>
>> HTH…
>>
>>
>>
>> Is it time for my vacation yet?
>>
>> Jonathan L. Raper, A+, MCSA, MCSE
>> Technology Coordinator
>> Eagle Physicians & Associates, PA*
>> *jra...@eaglemds.com*
>> *www.eaglemds.com
>>  --
>>
>> *From:* Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
>> *Sent:* Wednesday, November 03, 2010 12:08 PM
>>
>>
>> *To:* NT System Admin Issues
>>
>> *Subject:* [SPAM] - RE: Connecting an ASA Firewall directly to internet
>> ethernet dropoff ? - Domain does not exist
>>
>>
>>
>> That sounds reasonable. I'd ask your ISP to be certain. I'm guessing
>> Serial is their terminology. Anyone who understands subnetting SHOULD
>> understand CIDR.
>>
>>
>>
>> All it does is allow for simplified routing tables and notation.
>>
>>
>>
>> Example:
>>
>>
>>
>> 10.1.1.0/25 = 10.1.1.0 with a subnet mask of 255.255.255.0, which allows
>> for 254 useable IP addresses (count starting with 0, through 255 = 256,
>> subtract 2 (the top one for broadcast, and the bottom one for route) = 254
>> useable IP Addresses.
>>
>>
>>
>> Good explanation of CIDR's purpose is here:
>>
>>
>>
>> http://www.subnet-calculator.com/cidr.php
>>
>>
>>
>> If you know Binary, you can do subnetting (and CIDR falls into place).
>>
>>
>>
>> Jonathan L. Raper, A+, MCSA, MCSE
>>
>> Technology Coordinator
>>
>> Eagle Physicians & Associates, PA
>>
>> jra...@eaglemds.com
>>
>> www.eaglemds.com
>>
>>
>>
>>
>>
>> -Original Message-
>> From: Jon D [mailto:rekcahp...@gmail.com ]
>> Sent: Wednesday, November 03, 2010 11:45 AM
>> To: NT System Admin Issues
>> Subject: Re: Connecting an ASA Firewall directly to internet ethernet
>> dropoff ?
>>
>>
>>
>> Thanks. Honestly I'm not 100% sure I understand the difference between
>>
>> Serial and CIDR.
>>
>> I *think* Serial is the connection between my router(or firewall) and
>>
>> the ISPs router and

Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Andrew S. Baker 
We were too busy shaking our heads... :)

j/k


*ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker>
*Exploiting Technology for Business Advantage...*
* *



On Wed, Nov 3, 2010 at 3:37 PM, Raper, Jonathan - Eagle  wrote:

>  I’m just glad I caught it and corrected myself before someone else did!
>
>
>
> J
>
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA*
> *jra...@eaglemds.com*
> *www.eaglemds.com
>   --
>
> *From:* Jon D [mailto:rekcahp...@gmail.com]
> *Sent:* Wednesday, November 03, 2010 3:21 PM
>
> *To:* NT System Admin Issues
> *Subject:* Re: Connecting an ASA Firewall directly to internet ethernet
> dropoff ?
>
>
>
> lol. Awesome. Got it. Thanks Jonathan.
>
>
>
>
>
> Jon
>
> On Wed, Nov 3, 2010 at 1:15 PM, Raper, Jonathan - Eagle <
> jra...@eaglemds.com> wrote:
>
> I don’t know how I did that, but I just thoroughly fouled that up…not
> thinking clearly at all…
>
>
>
> Head desk...about 10 times… I apologize for any confusion my previous email
> may have caused. Corrected information in yellow follows (and has been
> deleted from my email below).
>
>
>
> Bit placeholder
>
> 8
>
> 7
>
> 6
>
> 5
>
> 4
>
> 3
>
> 2
>
> 1
>
> Bit value
>
> 128
>
> 64
>
> 32
>
> 16
>
> 8
>
> 4
>
> 2
>
> 1
>
>
>
> 255.255.255.0 really equals…
>
>
>
> ...
>
>
>
> In your email, you mention a CIDR of /29, which really means a subnet mask
> of 255.255.255.248, which really means…
>
>
>
> ...1000
>
>
>
> Also, CIDR/30 = 255.255.255.252 = ...1100
>
>
>
> HTH…
>
>
>
> Is it time for my vacation yet?
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA*
> *jra...@eaglemds.com*
> *www.eaglemds.com
>   --
>
> *From:* Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
> *Sent:* Wednesday, November 03, 2010 12:08 PM
>
>
> *To:* NT System Admin Issues
>
> *Subject:* [SPAM] - RE: Connecting an ASA Firewall directly to internet
> ethernet dropoff ? - Domain does not exist
>
>
>
> That sounds reasonable. I'd ask your ISP to be certain. I'm guessing Serial
> is their terminology. Anyone who understands subnetting SHOULD understand
> CIDR.
>
>
>
> All it does is allow for simplified routing tables and notation.
>
>
>
> Example:
>
>
>
> 10.1.1.0/25 = 10.1.1.0 with a subnet mask of 255.255.255.0, which allows
> for 254 useable IP addresses (count starting with 0, through 255 = 256,
> subtract 2 (the top one for broadcast, and the bottom one for route) = 254
> useable IP Addresses.
>
>
>
> Good explanation of CIDR's purpose is here:
>
>
>
> http://www.subnet-calculator.com/cidr.php
>
>
>
> If you know Binary, you can do subnetting (and CIDR falls into place).
>
>
>
> Jonathan L. Raper, A+, MCSA, MCSE
>
> Technology Coordinator
>
> Eagle Physicians & Associates, PA
>
> jra...@eaglemds.com
>
> www.eaglemds.com
>
>
>
>
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com ]
> Sent: Wednesday, November 03, 2010 11:45 AM
> To: NT System Admin Issues
> Subject: Re: Connecting an ASA Firewall directly to internet ethernet
> dropoff ?
>
>
>
> Thanks. Honestly I'm not 100% sure I understand the difference between
>
> Serial and CIDR.
>
> I *think* Serial is the connection between my router(or firewall) and
>
> the ISPs router and
>
> CIDR is the publically addressable IP addresses. Is CIDR just the term
>
> to say for example, a class C is split up into several smaller ranges?
>
> Like 6 IPs instead of 255, or does it mean something else?
>
>
>
> Thanks again for your help. I love learning new stuff.  :)
>
>
>
>
>
>
>
>
>
> On Wed, Nov 3, 2010 at 11:18 AM, Raper, Jonathan - Eagle
>
>  wrote:
>
> > Jon,
>
> >
>
> > No problem. I would ask your ISP what they mean by "Serial" versus CIDR.
>
> >
>
> > How many IP Addresses did you request originally?
>
> >
>
> > The first one you list provides an address range of 182.40.6.12 -
> 134.40.6.15 with a subnet mask of 255.255.255.252 (hence the CIDR /30), with
> 2 useable IP Addresses. I'm guessing 182.40.6.12 may be where you point your
> default route?
>
> >
>
> > The s

RE: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Raper, Jonathan - Eagle 
I don't know how I did that, but I just thoroughly fouled that up...not 
thinking clearly at all...

Head desk...about 10 times... I apologize for any confusion my previous email 
may have caused. Corrected information in yellow follows (and has been deleted 
from my email below).

Bit placeholder

8

7

6

5

4

3

2

1

Bit value

128

64

32

16

8

4

2

1


255.255.255.0 really equals...

...

In your email, you mention a CIDR of /29, which really means a subnet mask of 
255.255.255.248, which really means...

...1000

Also, CIDR/30 = 255.255.255.252 = ...1100

HTH...

Is it time for my vacation yet?

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Wednesday, November 03, 2010 12:08 PM
To: NT System Admin Issues
Subject: [SPAM] - RE: Connecting an ASA Firewall directly to internet ethernet 
dropoff ? - Domain does not exist

That sounds reasonable. I'd ask your ISP to be certain. I'm guessing Serial is 
their terminology. Anyone who understands subnetting SHOULD understand CIDR.

All it does is allow for simplified routing tables and notation.

Example:

10.1.1.0/25 = 10.1.1.0 with a subnet mask of 255.255.255.0, which allows for 
254 useable IP addresses (count starting with 0, through 255 = 256, subtract 2 
(the top one for broadcast, and the bottom one for route) = 254 useable IP 
Addresses.

Good explanation of CIDR's purpose is here:

http://www.subnet-calculator.com/cidr.php

If you know Binary, you can do subnetting (and CIDR falls into place).

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com<http://www.eaglemds.com>


-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com]
Sent: Wednesday, November 03, 2010 11:45 AM
To: NT System Admin Issues
Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

Thanks. Honestly I'm not 100% sure I understand the difference between
Serial and CIDR.
I *think* Serial is the connection between my router(or firewall) and
the ISPs router and
CIDR is the publically addressable IP addresses. Is CIDR just the term
to say for example, a class C is split up into several smaller ranges?
Like 6 IPs instead of 255, or does it mean something else?

Thanks again for your help. I love learning new stuff.  :)




On Wed, Nov 3, 2010 at 11:18 AM, Raper, Jonathan - Eagle
 wrote:
> Jon,
>
> No problem. I would ask your ISP what they mean by "Serial" versus CIDR.
>
> How many IP Addresses did you request originally?
>
> The first one you list provides an address range of 182.40.6.12 - 134.40.6.15 
> with a subnet mask of 255.255.255.252 (hence the CIDR /30), with 2 useable IP 
> Addresses. I'm guessing 182.40.6.12 may be where you point your default route?
>
> The second one you list provides an address range of 134.120.4.0 - 
> 134.120.4.7, with a subnet mask of 255.255.255.248 (hence the CIDR /29), with 
> 6 useable IP Addresses.
>
> You said you're new to this - do you understand the concept of CIDR? (don't 
> feel bad if you don't - we're here to help!)
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com<http://www.eaglemds.com>
>
>
> -Original Message-----
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Wednesday, November 03, 2010 10:48 AM
> To: NT System Admin Issues
> Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff 
> ?
>
> Good question. I'm new to this. Our ISP gave me something like this
>
> Serial 182.40.6.14/30
> CIDR 134.120.4.6/29
>
> The internet side of the ASA is connected to the 182.40.6.x range and
> it can ping out. So maybe I should just ignore the 134.120.4.x range?
>
>
>
>
>
>
> On Wed, Nov 3, 2010 at 10:18 AM, Raper, Jonathan - Eagle
>  wrote:
>> Our Internet connection comes straight into our ASA. I understand CIDR, but 
>> what do you mean by "serial IP"?
>>
>> Your default route in your ASA would point to your ISP's gateway address 
>> that they provide you.
>>
>> Jonathan L. Raper, A+, MCSA, MCSE
>> Technology Coordinator
>> Eagle Physicians & Associates, PA
>> jra...@eaglemds.com
>> www.eaglemds.com<http://www.eaglemds.com>
>>
>>
>> -Original Message-
>> From: Jon D [mailto:rekcahp...@gmail.com]
>> Sent: Wednesday, November 03, 2010 9:

RE: [SPAM] - RE: Connecting an ASA Firewall directly to internet ethernet dropoff ? - Domain does not exist

2010-11-03 Thread Raper, Jonathan - Eagle 
I don't know how I did that, but I just thoroughly fouled that up...not 
thinking clearly at all...

Head desk...about 10 times... I apologize for any confusion my previous email 
may have caused. Corrected information in yellow follows (and has been deleted 
from my email below).

Bit placeholder

8

7

6

5

4

3

2

1

Bit value

128

64

32

16

8

4

2

1


255.255.255.0 really equals...

...

In your email, you mention a CIDR of /29, which really means a subnet mask of 
255.255.255.248, which really means...

...1000

Also, CIDR/30 = 255.255.255.252 = ...1100

HTH...

Is it time for my vacation yet?

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.commailto:%20jra...@eaglemds.com>
www.eaglemds.comhttp://www.eaglemds.com/>


From: Raper, Jonathan - Eagle [mailto:jra...@eaglemds.com]
Sent: Wednesday, November 03, 2010 12:08 PM
To: NT System Admin Issues
Subject: [SPAM] - RE: Connecting an ASA Firewall directly to internet ethernet 
dropoff ? - Domain does not exist

That sounds reasonable. I'd ask your ISP to be certain. I'm guessing Serial is 
their terminology. Anyone who understands subnetting SHOULD understand CIDR.

All it does is allow for simplified routing tables and notation.

Example:

10.1.1.0/25 = 10.1.1.0 with a subnet mask of 255.255.255.0, which allows for 
254 useable IP addresses (count starting with 0, through 255 = 256, subtract 2 
(the top one for broadcast, and the bottom one for route) = 254 useable IP 
Addresses.

Good explanation of CIDR's purpose is here:

http://www.subnet-calculator.com/cidr.php

If you know Binary, you can do subnetting (and CIDR falls into place).

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com<http://www.eaglemds.com>


-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com]
Sent: Wednesday, November 03, 2010 11:45 AM
To: NT System Admin Issues
Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

Thanks. Honestly I'm not 100% sure I understand the difference between
Serial and CIDR.
I *think* Serial is the connection between my router(or firewall) and
the ISPs router and
CIDR is the publically addressable IP addresses. Is CIDR just the term
to say for example, a class C is split up into several smaller ranges?
Like 6 IPs instead of 255, or does it mean something else?

Thanks again for your help. I love learning new stuff.  :)




On Wed, Nov 3, 2010 at 11:18 AM, Raper, Jonathan - Eagle
 wrote:
> Jon,
>
> No problem. I would ask your ISP what they mean by "Serial" versus CIDR.
>
> How many IP Addresses did you request originally?
>
> The first one you list provides an address range of 182.40.6.12 - 134.40.6.15 
> with a subnet mask of 255.255.255.252 (hence the CIDR /30), with 2 useable IP 
> Addresses. I'm guessing 182.40.6.12 may be where you point your default route?
>
> The second one you list provides an address range of 134.120.4.0 - 
> 134.120.4.7, with a subnet mask of 255.255.255.248 (hence the CIDR /29), with 
> 6 useable IP Addresses.
>
> You said you're new to this - do you understand the concept of CIDR? (don't 
> feel bad if you don't - we're here to help!)
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com<http://www.eaglemds.com>
>
>
> -Original Message-----
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Wednesday, November 03, 2010 10:48 AM
> To: NT System Admin Issues
> Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff 
> ?
>
> Good question. I'm new to this. Our ISP gave me something like this
>
> Serial 182.40.6.14/30
> CIDR 134.120.4.6/29
>
> The internet side of the ASA is connected to the 182.40.6.x range and
> it can ping out. So maybe I should just ignore the 134.120.4.x range?
>
>
>
>
>
>
> On Wed, Nov 3, 2010 at 10:18 AM, Raper, Jonathan - Eagle
>  wrote:
>> Our Internet connection comes straight into our ASA. I understand CIDR, but 
>> what do you mean by "serial IP"?
>>
>> Your default route in your ASA would point to your ISP's gateway address 
>> that they provide you.
>>
>> Jonathan L. Raper, A+, MCSA, MCSE
>> Technology Coordinator
>> Eagle Physicians & Associates, PA
>> jra...@eaglemds.com
>> www.eaglemds.com<http://www.eaglemds.com>
>>
>>
>> -Original Message-
>> From: Jon D [mailto:rekcahp...@gmail.com]
>> Sent: Wednesday, November 03, 2010 9:

RE: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Raper, Jonathan - Eagle 
+1 - that was what I was thinking, and had to re-read the OP question to make 
sure he wasn't talking about some kind of Serial WIC (Wan Interface Card). 
Perhaps that's where it comes from and they just haven't changed their 
terminology to keep up with the times? I'd love to know the answer as to why 
they refer to it as "serial".

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com 


-Original Message-
From: Mayo, Bill [mailto:bem...@pittcountync.gov] 
Sent: Wednesday, November 03, 2010 11:56 AM
To: NT System Admin Issues
Subject: RE: Connecting an ASA Firewall directly to internet ethernet dropoff ?

I think you are correct about the serial connection being between you and the 
ISP's routers.  When I see "serial" associated with a router, I assume that it 
is some type of telco/serial connection (e.g. T1).  A typical connection to an 
ISP would be some kind of telco line to which you would have a serial 
connection to your router.  That serial connection requires a network in order 
to route between you and the ISP (at least an IP address for your serial 
interface and one for theirs).  You can then also have an address range that is 
available for you to use for your public IP's.  If you don't have a 
telco/serial connection to your ISP, then I am not sure why that term would be 
used.

-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com] 
Sent: Wednesday, November 03, 2010 11:45 AM
To: NT System Admin Issues
Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

Thanks. Honestly I'm not 100% sure I understand the difference between Serial 
and CIDR.
I *think* Serial is the connection between my router(or firewall) and the ISPs 
router and CIDR is the publically addressable IP addresses. Is CIDR just the 
term to say for example, a class C is split up into several smaller ranges?
Like 6 IPs instead of 255, or does it mean something else?

Thanks again for your help. I love learning new stuff.  :)




On Wed, Nov 3, 2010 at 11:18 AM, Raper, Jonathan - Eagle  
wrote:
> Jon,
>
> No problem. I would ask your ISP what they mean by "Serial" versus CIDR.
>
> How many IP Addresses did you request originally?
>
> The first one you list provides an address range of 182.40.6.12 - 134.40.6.15 
> with a subnet mask of 255.255.255.252 (hence the CIDR /30), with 2 useable IP 
> Addresses. I'm guessing 182.40.6.12 may be where you point your default route?
>
> The second one you list provides an address range of 134.120.4.0 - 
> 134.120.4.7, with a subnet mask of 255.255.255.248 (hence the CIDR /29), with 
> 6 useable IP Addresses.
>
> You said you're new to this - do you understand the concept of CIDR? 
> (don't feel bad if you don't - we're here to help!)
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Wednesday, November 03, 2010 10:48 AM
> To: NT System Admin Issues
> Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff 
> ?
>
> Good question. I'm new to this. Our ISP gave me something like this
>
> Serial 182.40.6.14/30
> CIDR 134.120.4.6/29
>
> The internet side of the ASA is connected to the 182.40.6.x range and 
> it can ping out. So maybe I should just ignore the 134.120.4.x range?
>
>
>
>
>
>
> On Wed, Nov 3, 2010 at 10:18 AM, Raper, Jonathan - Eagle 
>  wrote:
>> Our Internet connection comes straight into our ASA. I understand CIDR, but 
>> what do you mean by "serial IP"?
>>
>> Your default route in your ASA would point to your ISP's gateway address 
>> that they provide you.
>>
>> Jonathan L. Raper, A+, MCSA, MCSE
>> Technology Coordinator
>> Eagle Physicians & Associates, PA
>> jra...@eaglemds.com
>> www.eaglemds.com
>>
>>
>> -Original Message-
>> From: Jon D [mailto:rekcahp...@gmail.com]
>> Sent: Wednesday, November 03, 2010 9:59 AM
>> To: NT System Admin Issues
>> Subject: Connecting an ASA Firewall directly to internet ethernet dropoff ?
>>
>> If you have an ethernet drop off to the internet, and a new Cisco 
>> ASA, and no router, can you connect it to the internet?
>> I have a CIDR range, and a Serial range.
>>
>> Right now I have 1 interface with an inside natted address and 1 
>> interface with a serial ip.
>> Should I have a 3rd interface configured with an ip from the CIDR range?
>>
>> I can currently, from the ASA, ping inside and out

RE: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Raper, Jonathan - Eagle 
That sounds reasonable. I'd ask your ISP to be certain. I'm guessing Serial is 
their terminology. Anyone who understands subnetting SHOULD understand CIDR.

All it does is allow for simplified routing tables and notation.

Example:

10.1.1.0/25 = 10.1.1.0 with a subnet mask of 255.255.255.0, which allows for 
254 useable IP addresses (count starting with 0, through 255 = 256, subtract 2 
(the top one for broadcast, and the bottom one for route) = 254 useable IP 
Addresses.

Good explanation of CIDR's purpose is here:

http://www.subnet-calculator.com/cidr.php

If you know Binary, you can do subnetting (and CIDR falls into place).

Bit placeholder 8   7   6   5   4   3   2   1
Bit value   255 254 252 248 240 224 192 128

255.255.255.0 really equals...

...

In your email, you mention a CIDR of /29, which really means a subnet mask of 
255.255.255.248, which really means...

...0001

Also, CIDR/30 = 255.255.255.252 = ...0010

HTH...

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com]
Sent: Wednesday, November 03, 2010 11:45 AM
To: NT System Admin Issues
Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

Thanks. Honestly I'm not 100% sure I understand the difference between
Serial and CIDR.
I *think* Serial is the connection between my router(or firewall) and
the ISPs router and
CIDR is the publically addressable IP addresses. Is CIDR just the term
to say for example, a class C is split up into several smaller ranges?
Like 6 IPs instead of 255, or does it mean something else?

Thanks again for your help. I love learning new stuff.  :)




On Wed, Nov 3, 2010 at 11:18 AM, Raper, Jonathan - Eagle
 wrote:
> Jon,
>
> No problem. I would ask your ISP what they mean by "Serial" versus CIDR.
>
> How many IP Addresses did you request originally?
>
> The first one you list provides an address range of 182.40.6.12 - 134.40.6.15 
> with a subnet mask of 255.255.255.252 (hence the CIDR /30), with 2 useable IP 
> Addresses. I'm guessing 182.40.6.12 may be where you point your default route?
>
> The second one you list provides an address range of 134.120.4.0 - 
> 134.120.4.7, with a subnet mask of 255.255.255.248 (hence the CIDR /29), with 
> 6 useable IP Addresses.
>
> You said you're new to this - do you understand the concept of CIDR? (don't 
> feel bad if you don't - we're here to help!)
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
> -Original Message-----
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Wednesday, November 03, 2010 10:48 AM
> To: NT System Admin Issues
> Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff 
> ?
>
> Good question. I'm new to this. Our ISP gave me something like this
>
> Serial 182.40.6.14/30
> CIDR 134.120.4.6/29
>
> The internet side of the ASA is connected to the 182.40.6.x range and
> it can ping out. So maybe I should just ignore the 134.120.4.x range?
>
>
>
>
>
>
> On Wed, Nov 3, 2010 at 10:18 AM, Raper, Jonathan - Eagle
>  wrote:
>> Our Internet connection comes straight into our ASA. I understand CIDR, but 
>> what do you mean by "serial IP"?
>>
>> Your default route in your ASA would point to your ISP's gateway address 
>> that they provide you.
>>
>> Jonathan L. Raper, A+, MCSA, MCSE
>> Technology Coordinator
>> Eagle Physicians & Associates, PA
>> jra...@eaglemds.com
>> www.eaglemds.com
>>
>>
>> -Original Message-
>> From: Jon D [mailto:rekcahp...@gmail.com]
>> Sent: Wednesday, November 03, 2010 9:59 AM
>> To: NT System Admin Issues
>> Subject: Connecting an ASA Firewall directly to internet ethernet dropoff ?
>>
>> If you have an ethernet drop off to the internet, and a new Cisco ASA,
>> and no router, can you connect it to the internet?
>> I have a CIDR range, and a Serial range.
>>
>> Right now I have 1 interface with an inside natted address and 1
>> interface with a serial ip.
>> Should I have a 3rd interface configured with an ip from the CIDR range?
>>
>> I can currently, from the ASA, ping inside and outside, but I can't
>> hit anything to the CIDR range
>>
>>
>>
>>
>> Thanks,
>> Jon
>>
>> ~ Finally, powerful endpoint security that ISN'T a resour

RE: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Mayo, Bill 
I think you are correct about the serial connection being between you and the 
ISP's routers.  When I see "serial" associated with a router, I assume that it 
is some type of telco/serial connection (e.g. T1).  A typical connection to an 
ISP would be some kind of telco line to which you would have a serial 
connection to your router.  That serial connection requires a network in order 
to route between you and the ISP (at least an IP address for your serial 
interface and one for theirs).  You can then also have an address range that is 
available for you to use for your public IP's.  If you don't have a 
telco/serial connection to your ISP, then I am not sure why that term would be 
used.

-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com] 
Sent: Wednesday, November 03, 2010 11:45 AM
To: NT System Admin Issues
Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

Thanks. Honestly I'm not 100% sure I understand the difference between Serial 
and CIDR.
I *think* Serial is the connection between my router(or firewall) and the ISPs 
router and CIDR is the publically addressable IP addresses. Is CIDR just the 
term to say for example, a class C is split up into several smaller ranges?
Like 6 IPs instead of 255, or does it mean something else?

Thanks again for your help. I love learning new stuff.  :)




On Wed, Nov 3, 2010 at 11:18 AM, Raper, Jonathan - Eagle  
wrote:
> Jon,
>
> No problem. I would ask your ISP what they mean by "Serial" versus CIDR.
>
> How many IP Addresses did you request originally?
>
> The first one you list provides an address range of 182.40.6.12 - 134.40.6.15 
> with a subnet mask of 255.255.255.252 (hence the CIDR /30), with 2 useable IP 
> Addresses. I'm guessing 182.40.6.12 may be where you point your default route?
>
> The second one you list provides an address range of 134.120.4.0 - 
> 134.120.4.7, with a subnet mask of 255.255.255.248 (hence the CIDR /29), with 
> 6 useable IP Addresses.
>
> You said you're new to this - do you understand the concept of CIDR? 
> (don't feel bad if you don't - we're here to help!)
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Wednesday, November 03, 2010 10:48 AM
> To: NT System Admin Issues
> Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff 
> ?
>
> Good question. I'm new to this. Our ISP gave me something like this
>
> Serial 182.40.6.14/30
> CIDR 134.120.4.6/29
>
> The internet side of the ASA is connected to the 182.40.6.x range and 
> it can ping out. So maybe I should just ignore the 134.120.4.x range?
>
>
>
>
>
>
> On Wed, Nov 3, 2010 at 10:18 AM, Raper, Jonathan - Eagle 
>  wrote:
>> Our Internet connection comes straight into our ASA. I understand CIDR, but 
>> what do you mean by "serial IP"?
>>
>> Your default route in your ASA would point to your ISP's gateway address 
>> that they provide you.
>>
>> Jonathan L. Raper, A+, MCSA, MCSE
>> Technology Coordinator
>> Eagle Physicians & Associates, PA
>> jra...@eaglemds.com
>> www.eaglemds.com
>>
>>
>> -Original Message-
>> From: Jon D [mailto:rekcahp...@gmail.com]
>> Sent: Wednesday, November 03, 2010 9:59 AM
>> To: NT System Admin Issues
>> Subject: Connecting an ASA Firewall directly to internet ethernet dropoff ?
>>
>> If you have an ethernet drop off to the internet, and a new Cisco 
>> ASA, and no router, can you connect it to the internet?
>> I have a CIDR range, and a Serial range.
>>
>> Right now I have 1 interface with an inside natted address and 1 
>> interface with a serial ip.
>> Should I have a 3rd interface configured with an ip from the CIDR range?
>>
>> I can currently, from the ASA, ping inside and outside, but I can't 
>> hit anything to the CIDR range
>>
>>
>>
>>
>> Thanks,
>> Jon
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ 
>> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here: 
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>> Any medical information contained in this electronic message is CONFIDENTIAL 
>> and privileged. It is unlawful for unauthorized persons to view, copy, 
>

Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Jon D 
Thanks. Honestly I'm not 100% sure I understand the difference between
Serial and CIDR.
I *think* Serial is the connection between my router(or firewall) and
the ISPs router and
CIDR is the publically addressable IP addresses. Is CIDR just the term
to say for example, a class C is split up into several smaller ranges?
Like 6 IPs instead of 255, or does it mean something else?

Thanks again for your help. I love learning new stuff.  :)




On Wed, Nov 3, 2010 at 11:18 AM, Raper, Jonathan - Eagle
 wrote:
> Jon,
>
> No problem. I would ask your ISP what they mean by "Serial" versus CIDR.
>
> How many IP Addresses did you request originally?
>
> The first one you list provides an address range of 182.40.6.12 - 134.40.6.15 
> with a subnet mask of 255.255.255.252 (hence the CIDR /30), with 2 useable IP 
> Addresses. I'm guessing 182.40.6.12 may be where you point your default route?
>
> The second one you list provides an address range of 134.120.4.0 - 
> 134.120.4.7, with a subnet mask of 255.255.255.248 (hence the CIDR /29), with 
> 6 useable IP Addresses.
>
> You said you're new to this - do you understand the concept of CIDR? (don't 
> feel bad if you don't - we're here to help!)
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Wednesday, November 03, 2010 10:48 AM
> To: NT System Admin Issues
> Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff 
> ?
>
> Good question. I'm new to this. Our ISP gave me something like this
>
> Serial 182.40.6.14/30
> CIDR 134.120.4.6/29
>
> The internet side of the ASA is connected to the 182.40.6.x range and
> it can ping out. So maybe I should just ignore the 134.120.4.x range?
>
>
>
>
>
>
> On Wed, Nov 3, 2010 at 10:18 AM, Raper, Jonathan - Eagle
>  wrote:
>> Our Internet connection comes straight into our ASA. I understand CIDR, but 
>> what do you mean by "serial IP"?
>>
>> Your default route in your ASA would point to your ISP's gateway address 
>> that they provide you.
>>
>> Jonathan L. Raper, A+, MCSA, MCSE
>> Technology Coordinator
>> Eagle Physicians & Associates, PA
>> jra...@eaglemds.com
>> www.eaglemds.com
>>
>>
>> -Original Message-
>> From: Jon D [mailto:rekcahp...@gmail.com]
>> Sent: Wednesday, November 03, 2010 9:59 AM
>> To: NT System Admin Issues
>> Subject: Connecting an ASA Firewall directly to internet ethernet dropoff ?
>>
>> If you have an ethernet drop off to the internet, and a new Cisco ASA,
>> and no router, can you connect it to the internet?
>> I have a CIDR range, and a Serial range.
>>
>> Right now I have 1 interface with an inside natted address and 1
>> interface with a serial ip.
>> Should I have a 3rd interface configured with an ip from the CIDR range?
>>
>> I can currently, from the ASA, ping inside and outside, but I can't
>> hit anything to the CIDR range
>>
>>
>>
>>
>> Thanks,
>> Jon
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here: 
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.sunbeltsoftware.com
>> with the body: unsubscribe ntsysadmin
>>
>> Any medical information contained in this electronic message is CONFIDENTIAL 
>> and privileged. It is unlawful for unauthorized persons to view, copy, 
>> disclose, or disseminate CONFIDENTIAL information. This electronic message 
>> may contain information that is confidential and/or legally privileged. It 
>> is intended only for the use of the individual(s) and/or entity named as 
>> recipients in the message. If you are not an intended recipient of this 
>> message, please notify the sender immediately and delete this material from 
>> your computer. Do not deliver, distribute or copy this message, and do not 
>> disclose its contents or take any action in reliance on the information that 
>> it contains.
>>
>> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
>> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>>
>> ---
>> To manage subscriptions click here: 
>> http://lyris.sunbelt-software.com/read/my_forums/
>> or send an email to listmana...@lyris.su

RE: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Raper, Jonathan - Eagle 
Jon,

No problem. I would ask your ISP what they mean by "Serial" versus CIDR.

How many IP Addresses did you request originally?

The first one you list provides an address range of 182.40.6.12 - 134.40.6.15 
with a subnet mask of 255.255.255.252 (hence the CIDR /30), with 2 useable IP 
Addresses. I'm guessing 182.40.6.12 may be where you point your default route?

The second one you list provides an address range of 134.120.4.0 - 134.120.4.7, 
with a subnet mask of 255.255.255.248 (hence the CIDR /29), with 6 useable IP 
Addresses.

You said you're new to this - do you understand the concept of CIDR? (don't 
feel bad if you don't - we're here to help!)

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com 


-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com] 
Sent: Wednesday, November 03, 2010 10:48 AM
To: NT System Admin Issues
Subject: Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

Good question. I'm new to this. Our ISP gave me something like this

Serial 182.40.6.14/30
CIDR 134.120.4.6/29

The internet side of the ASA is connected to the 182.40.6.x range and
it can ping out. So maybe I should just ignore the 134.120.4.x range?






On Wed, Nov 3, 2010 at 10:18 AM, Raper, Jonathan - Eagle
 wrote:
> Our Internet connection comes straight into our ASA. I understand CIDR, but 
> what do you mean by "serial IP"?
>
> Your default route in your ASA would point to your ISP's gateway address that 
> they provide you.
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Wednesday, November 03, 2010 9:59 AM
> To: NT System Admin Issues
> Subject: Connecting an ASA Firewall directly to internet ethernet dropoff ?
>
> If you have an ethernet drop off to the internet, and a new Cisco ASA,
> and no router, can you connect it to the internet?
> I have a CIDR range, and a Serial range.
>
> Right now I have 1 interface with an inside natted address and 1
> interface with a serial ip.
> Should I have a 3rd interface configured with an ip from the CIDR range?
>
> I can currently, from the ASA, ping inside and outside, but I can't
> hit anything to the CIDR range
>
>
>
>
> Thanks,
> Jon
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for the use of the individual(s) and/or entity named as 
> recipients in the message. If you are not an intended recipient of this 
> message, please notify the sender immediately and delete this material from 
> your computer. Do not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the information that 
> it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin


~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Jon D 
Good question. I'm new to this. Our ISP gave me something like this

Serial 182.40.6.14/30
CIDR 134.120.4.6/29

The internet side of the ASA is connected to the 182.40.6.x range and
it can ping out. So maybe I should just ignore the 134.120.4.x range?






On Wed, Nov 3, 2010 at 10:18 AM, Raper, Jonathan - Eagle
 wrote:
> Our Internet connection comes straight into our ASA. I understand CIDR, but 
> what do you mean by "serial IP"?
>
> Your default route in your ASA would point to your ISP's gateway address that 
> they provide you.
>
> Jonathan L. Raper, A+, MCSA, MCSE
> Technology Coordinator
> Eagle Physicians & Associates, PA
> jra...@eaglemds.com
> www.eaglemds.com
>
>
> -Original Message-
> From: Jon D [mailto:rekcahp...@gmail.com]
> Sent: Wednesday, November 03, 2010 9:59 AM
> To: NT System Admin Issues
> Subject: Connecting an ASA Firewall directly to internet ethernet dropoff ?
>
> If you have an ethernet drop off to the internet, and a new Cisco ASA,
> and no router, can you connect it to the internet?
> I have a CIDR range, and a Serial range.
>
> Right now I have 1 interface with an inside natted address and 1
> interface with a serial ip.
> Should I have a 3rd interface configured with an ip from the CIDR range?
>
> I can currently, from the ASA, ping inside and outside, but I can't
> hit anything to the CIDR range
>
>
>
>
> Thanks,
> Jon
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
> Any medical information contained in this electronic message is CONFIDENTIAL 
> and privileged. It is unlawful for unauthorized persons to view, copy, 
> disclose, or disseminate CONFIDENTIAL information. This electronic message 
> may contain information that is confidential and/or legally privileged. It is 
> intended only for the use of the individual(s) and/or entity named as 
> recipients in the message. If you are not an intended recipient of this 
> message, please notify the sender immediately and delete this material from 
> your computer. Do not deliver, distribute or copy this message, and do not 
> disclose its contents or take any action in reliance on the information that 
> it contains.
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
>
> ---
> To manage subscriptions click here: 
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

RE: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Raper, Jonathan - Eagle 
Our Internet connection comes straight into our ASA. I understand CIDR, but 
what do you mean by "serial IP"?

Your default route in your ASA would point to your ISP's gateway address that 
they provide you.

Jonathan L. Raper, A+, MCSA, MCSE
Technology Coordinator
Eagle Physicians & Associates, PA
jra...@eaglemds.com
www.eaglemds.com


-Original Message-
From: Jon D [mailto:rekcahp...@gmail.com]
Sent: Wednesday, November 03, 2010 9:59 AM
To: NT System Admin Issues
Subject: Connecting an ASA Firewall directly to internet ethernet dropoff ?

If you have an ethernet drop off to the internet, and a new Cisco ASA,
and no router, can you connect it to the internet?
I have a CIDR range, and a Serial range.

Right now I have 1 interface with an inside natted address and 1
interface with a serial ip.
Should I have a 3rd interface configured with an ip from the CIDR range?

I can currently, from the ASA, ping inside and outside, but I can't
hit anything to the CIDR range




Thanks,
Jon

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Any medical information contained in this electronic message is CONFIDENTIAL 
and privileged. It is unlawful for unauthorized persons to view, copy, 
disclose, or disseminate CONFIDENTIAL information. This electronic message may 
contain information that is confidential and/or legally privileged. It is 
intended only for the use of the individual(s) and/or entity named as 
recipients in the message. If you are not an intended recipient of this 
message, please notify the sender immediately and delete this material from 
your computer. Do not deliver, distribute or copy this message, and do not 
disclose its contents or take any action in reliance on the information that it 
contains.

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Re: Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Richard Stovall 
In answer to the first question, sure.  That's what we have at work with
Ethernet handoffs from both of our ISPs.  Doing it this way costs us 1 ip
from each range for the gateways, but the ISPs were quite used to setting it
up and didn't blink when we asked them to do it.

I'm not sure what a serial ip is, so I have to defer on that one.

On Wed, Nov 3, 2010 at 9:58 AM, Jon D  wrote:

> If you have an ethernet drop off to the internet, and a new Cisco ASA,
> and no router, can you connect it to the internet?
> I have a CIDR range, and a Serial range.
>
> Right now I have 1 interface with an inside natted address and 1
> interface with a serial ip.
> Should I have a 3rd interface configured with an ip from the CIDR range?
>
> I can currently, from the ASA, ping inside and outside, but I can't
> hit anything to the CIDR range
>
>
>
>
> Thanks,
> Jon
>
> ~ Finally, powerful endpoint security that ISN'T a resource hog! ~
> ~   ~
>
> ---
> To manage subscriptions click here:
> http://lyris.sunbelt-software.com/read/my_forums/
> or send an email to listmana...@lyris.sunbeltsoftware.com
> with the body: unsubscribe ntsysadmin
>

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin

Connecting an ASA Firewall directly to internet ethernet dropoff ?

2010-11-03 Thread Jon D 
If you have an ethernet drop off to the internet, and a new Cisco ASA,
and no router, can you connect it to the internet?
I have a CIDR range, and a Serial range.

Right now I have 1 interface with an inside natted address and 1
interface with a serial ip.
Should I have a 3rd interface configured with an ip from the CIDR range?

I can currently, from the ASA, ping inside and outside, but I can't
hit anything to the CIDR range




Thanks,
Jon

~ Finally, powerful endpoint security that ISN'T a resource hog! ~
~   ~

---
To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
or send an email to listmana...@lyris.sunbeltsoftware.com
with the body: unsubscribe ntsysadmin