We were too busy shaking our heads... :) j/k
*ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker> *Exploiting Technology for Business Advantage...* * * On Wed, Nov 3, 2010 at 3:37 PM, Raper, Jonathan - Eagle <[email protected] > wrote: > I’m just glad I caught it and corrected myself before someone else did! > > > > J > > > > Jonathan L. Raper, A+, MCSA, MCSE > Technology Coordinator > Eagle Physicians & Associates, PA* > *[email protected]* > *www.eaglemds.com > ------------------------------ > > *From:* Jon D [mailto:[email protected]] > *Sent:* Wednesday, November 03, 2010 3:21 PM > > *To:* NT System Admin Issues > *Subject:* Re: Connecting an ASA Firewall directly to internet ethernet > dropoff ? > > > > lol. Awesome. Got it. Thanks Jonathan. > > > > > > Jon > > On Wed, Nov 3, 2010 at 1:15 PM, Raper, Jonathan - Eagle < > [email protected]> wrote: > > I don’t know how I did that, but I just thoroughly fouled that up…not > thinking clearly at all… > > > > Head desk...about 10 times… I apologize for any confusion my previous email > may have caused. Corrected information in yellow follows (and has been > deleted from my email below). > > > > Bit placeholder > > 8 > > 7 > > 6 > > 5 > > 4 > > 3 > > 2 > > 1 > > Bit value > > 128 > > 64 > > 32 > > 16 > > 8 > > 4 > > 2 > > 1 > > > > 255.255.255.0 really equals… > > > > 11111111.11111111.11111111.00000000 > > > > In your email, you mention a CIDR of /29, which really means a subnet mask > of 255.255.255.248, which really means… > > > > 11111111.11111111.11111111.11111000 > > > > Also, CIDR/30 = 255.255.255.252 = 11111111.11111111.11111111.11111100 > > > > HTH… > > > > Is it time for my vacation yet? > > Jonathan L. Raper, A+, MCSA, MCSE > Technology Coordinator > Eagle Physicians & Associates, PA* > *[email protected]* > *www.eaglemds.com > ------------------------------ > > *From:* Raper, Jonathan - Eagle [mailto:[email protected]] > *Sent:* Wednesday, November 03, 2010 12:08 PM > > > *To:* NT System Admin Issues > > *Subject:* [SPAM] - RE: Connecting an ASA Firewall directly to internet > ethernet dropoff ? - Domain does not exist > > > > That sounds reasonable. I'd ask your ISP to be certain. I'm guessing Serial > is their terminology. Anyone who understands subnetting SHOULD understand > CIDR. > > > > All it does is allow for simplified routing tables and notation. > > > > Example: > > > > 10.1.1.0/25 = 10.1.1.0 with a subnet mask of 255.255.255.0, which allows > for 254 useable IP addresses (count starting with 0, through 255 = 256, > subtract 2 (the top one for broadcast, and the bottom one for route) = 254 > useable IP Addresses. > > > > Good explanation of CIDR's purpose is here: > > > > http://www.subnet-calculator.com/cidr.php > > > > If you know Binary, you can do subnetting (and CIDR falls into place). > > > > Jonathan L. Raper, A+, MCSA, MCSE > > Technology Coordinator > > Eagle Physicians & Associates, PA > > [email protected] > > www.eaglemds.com > > > > > > -----Original Message----- > From: Jon D [mailto:[email protected] <[email protected]>] > Sent: Wednesday, November 03, 2010 11:45 AM > To: NT System Admin Issues > Subject: Re: Connecting an ASA Firewall directly to internet ethernet > dropoff ? > > > > Thanks. Honestly I'm not 100% sure I understand the difference between > > Serial and CIDR. > > I *think* Serial is the connection between my router(or firewall) and > > the ISPs router and > > CIDR is the publically addressable IP addresses. Is CIDR just the term > > to say for example, a class C is split up into several smaller ranges? > > Like 6 IPs instead of 255, or does it mean something else? > > > > Thanks again for your help. I love learning new stuff. :) > > > > > > > > > > On Wed, Nov 3, 2010 at 11:18 AM, Raper, Jonathan - Eagle > > <[email protected]> wrote: > > > Jon, > > > > > > No problem. I would ask your ISP what they mean by "Serial" versus CIDR. > > > > > > How many IP Addresses did you request originally? > > > > > > The first one you list provides an address range of 182.40.6.12 - > 134.40.6.15 with a subnet mask of 255.255.255.252 (hence the CIDR /30), with > 2 useable IP Addresses. I'm guessing 182.40.6.12 may be where you point your > default route? > > > > > > The second one you list provides an address range of 134.120.4.0 - > 134.120.4.7, with a subnet mask of 255.255.255.248 (hence the CIDR /29), > with 6 useable IP Addresses. > > > > > > You said you're new to this - do you understand the concept of CIDR? > (don't feel bad if you don't - we're here to help!) > > > > > > Jonathan L. Raper, A+, MCSA, MCSE > > > Technology Coordinator > > > Eagle Physicians & Associates, PA > > > [email protected] > > > www.eaglemds.com > > > > > > > > > -----Original Message----- > > > From: Jon D [mailto:[email protected] <[email protected]>] > > > Sent: Wednesday, November 03, 2010 10:48 AM > > > To: NT System Admin Issues > > > Subject: Re: Connecting an ASA Firewall directly to internet ethernet > dropoff ? > > > > > > Good question. I'm new to this. Our ISP gave me something like this > > > > > > Serial 182.40.6.14/30 > > > CIDR 134.120.4.6/29 > > > > > > The internet side of the ASA is connected to the 182.40.6.x range and > > > it can ping out. So maybe I should just ignore the 134.120.4.x range? > > > > > > > > > > > > > > > > > > > > > On Wed, Nov 3, 2010 at 10:18 AM, Raper, Jonathan - Eagle > > > <[email protected]> wrote: > > >> Our Internet connection comes straight into our ASA. I understand CIDR, > but what do you mean by "serial IP"? > > >> > > >> Your default route in your ASA would point to your ISP's gateway address > that they provide you. > > >> > > >> Jonathan L. Raper, A+, MCSA, MCSE > > >> Technology Coordinator > > >> Eagle Physicians & Associates, PA > > >> [email protected] > > >> www.eaglemds.com > > >> > > >> > > >> -----Original Message----- > > >> From: Jon D [mailto:[email protected] <[email protected]>] > > >> Sent: Wednesday, November 03, 2010 9:59 AM > > >> To: NT System Admin Issues > > >> Subject: Connecting an ASA Firewall directly to internet ethernet > dropoff ? > > >> > > >> If you have an ethernet drop off to the internet, and a new Cisco ASA, > > >> and no router, can you connect it to the internet? > > >> I have a CIDR range, and a Serial range. > > >> > > >> Right now I have 1 interface with an inside natted address and 1 > > >> interface with a serial ip. > > >> Should I have a 3rd interface configured with an ip from the CIDR range? > > >> > > >> I can currently, from the ASA, ping inside and outside, but I can't > > >> hit anything to the CIDR range.... > > >> > > >> > > >> > > >> > > >> Thanks, > > >> Jon > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
