ip address Command
All the interfaces on a Security Appliance that will be used must be configured with an IP
address. The IP address can be configured manually or through Dynamic Host Configuration
Protocol (DHCP). The DHCP feature is usually used on Cisco Security Appliance small
office/home office (SOHO) models. DHCP is discussed later in this chapter.
The ip address command, while in interface configuration mode, is used to configure IP
addresses on the Security Appliance interfaces. The ip address command binds a logical
address (IP address) to the hardware ID. Additionally, you can use the ip address command
to assign a standby IP address for a Security Appliance that will be used during a failover
situation. Table 6-4 describes the parameters for the ip address command, the syntax of
which is as follows:
ip address ip-address [netmask] [standby ip_address]
Example 6-3 shows configuration of the inside interface with an IP address of 10.10.10.14/24.
In addition to manually assigned IP addresses, the Security Appliance can act as a DHCP
client. With version 7.0, the ip address command can use dhcp as an entry instead of an IP
address.
This will allow a DHCP server to assign an IP address and netmask to the interface. A default
gateway will also be assigned to the Security Appliance if it is required. You can flush and
renew the IP address assignment through the DHCP server by reentering the ip address dhcp
command.
Use the show ip command to view the configured IP address on a Security Appliance
interface.
Table 6-4 ip address Command Parameters
Command Parameter Description
ip-address Specifies the IP address of the interface.
netmask Specifies the appropriate network mask. If the mask value is
not entered, the firewall assigns a classful network mask.
standby ip_address Specifies the IP address for the standby unit for failover.