Question : Setup ASA 5505 behind a cisco 2600

I currently have a cisco 2600 with t1 wic card and ethernet lan interface. I would like to use the 2600 strictly as the connection to the t1 and move all the routing the new asa 5505 i just bought. What do i need to set the lan interface for on the 2600 and the public side of the asa 5505. (i have 15 external ips to work with. Below is the config of the current 2600.

cisco#show run
Building configuration...

Current configuration : 2070 bytes
!
version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname cisco
!
enable secret 5 $$$$$$$$$$$$$$$$$$$
enable password $$$$$$$$$$$$$$$$$$$
!
ip subnet-zero
!
!
ip name-server $$$$$$$$$$$$$$$$$$$
ip name-server 192.168.1.3
!
!
!
!
interface FastEthernet0/0
ip address 69.XX3.116.75 255.255.255.248 secondary
ip address 192.168.1.1 255.255.255.0
ip directed-broadcast
ip nat inside
duplex auto
speed auto
!
interface Serial0/0
description T1
no ip address
encapsulation frame-relay IETF
no ip route-cache
no ip mroute-cache
load-interval 30
no fair-queue
service-module t1 remote-alarm-enable
cdp enable
frame-relay lmi-type ansi
!
interface Serial0/0.1 point-to-point
description Connected to Internet
bandwidth 1536
ip address 65.XXX.64.77 255.255.255.0
ip nat outside
no ip route-cache
no ip mroute-cache
no arp frame-relay
frame-relay interface-dlci 16 IETF protocol ip 65.XX6.186.1
!
ip nat inside source list 1 interface Serial0/0.1 overload
ip nat inside source static tcp 192.168.1.11 3389 69.XXX.116.76 3389 extendable
ip nat inside source static tcp 192.168.1.10 110 69.XXX.116.74 110 extendable
ip nat inside source static tcp 192.168.1.10 3389 69.XXX.116.74 3389 extendable
ip nat inside source static tcp 192.168.1.10 25 69.XXX.116.74 25 extendable
ip nat inside source static tcp 192.168.1.10 443 69.XXX.116.74 443 extendable
ip nat inside source static tcp 192.168.1.141 8081 69.XXX.116.74 8081 extendable
ip nat inside source static tcp 192.168.1.11 5061 69.XXX.116.76 5061 extendable
ip nat inside source static tcp 192.168.1.11 5060 69.XXX.116.76 5060 extendable
ip nat inside source static tcp 192.168.1.11 443 69.XXX.116.76 443 extendable
ip nat inside source static tcp 192.168.1.127 80 69.XXX.116.74 80 extendable
ip classless
ip route 0.0.0.0 0.0.0.0 65.XXX.64.1
no ip http server
ip http port 24891
!
access-list 1 permit 192.168.1.0 0.0.0.255
dialer-list 1 protocol ip permit
dialer-list 1 protocol ipx permit
!
line con 0
line aux 0
line vty 0 4
password XXXXXXX
login
!
end

cisco#

Answer : Setup ASA 5505 behind a cisco 2600

You will remove all references to NAT and the 192.168 address space from the router.

On the firewall:

interface Ethernet0/0
switchport access vlan 2

interface Vlan2
nameif outside
security-level 0
ip address 69.XX3.116.76 255.255.255.248

nat (inside) 1 192.168.1.0 255.255.255.0
static (inside,outside) 69.xx3.116.77 192.168.1.10 netmask 255.255.255.255
static (inside,outside) 69.xx3.116.78 192.168.1.11 netmask 255.255.255.255

Do PAT on all [dynamic] internal addresses and use the remaining public addresses for static NAT.

Random Solutions

Outlook 2007 constantly asking for password on open - OWA

Terminal Server Regional Settings

Auto zip files of a certain extension

How to uncheck a radio button

How to enable IIS in window xp?

XP Profiles inaccessible from admin accounts: can't copy profiles

how to debug a stored procedure in mysql

Windows Update causing systems to be unresponsive

Is there a driver update manager for HP?

IIS Service Unavailable and W3SVC-WP 2274 event log error