Some skilful tips when you configure a Cisco Router or ASA. When you have 4 or more ip addresses in your ip range from your ISP.
In the past and present I noticed during creation of configuration that I used frequently the first IP Address fo the IP Range i got from my ISP.
I noticed this wasn’t a good idea for some facilities you can use on your Router or ASA. For example you want to use SSL VPN on you Router or ASA, you need to open the http port and https port ( 80 & 443 ). But when you use these ports for web services of you local network to the outer world. Like Outlook Web Access or Citrix Web Access. These web apps using port 80 and or port 443.
Now when I have an IP Range of 4 IP addresses which i can use. I start for the router or ASA only the master IP address ( the first one in the list )
Example: I have an IP range 192.168.10.1 – 192.168.10.7 255.255.255.248
I can now use my Router IP address to configure SSLVPN ( this is a web-based VPN where the first time of logon will be used to install you AnyConnect VPN Client. ) I use also this IP address to create VPN tunnels to other offices.
- Router IP address will be: 192.168.10.1
- Mail IP address will be: 192.168.10.2
- Citrix IP address will be: 192.168.10.3
Via this construction I know exactly what I can use and where for. It will also prevent you from leaving IP addresses behind you will forget to use in the Future. And it will make some configuration abilities you may have to make.
This construction can also be used on Cisco IOS Routers.