Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1375
Views
0
Helpful
4
Replies

Internet Access through ASA - Help

Fantas
Level 1
Level 1

‎01-16-2020 06:23 PM

Hi,

 

I want to allow internet access for host within 172.12.0.0/16 network to access internet. I have created source nat and ACL to allow traffic but still users cant access internet. please find below config i have done and guide for any missing stuff.

 

nat (inside,outside) source dynamic Net_172.12.0.0   202.5.X.X

 

access-list acl_inside permit ip object Net_172.12.0.0 any4

Labels:
0 Helpful
4 Replies 4

Francesco Molino
VIP Alumni
VIP Alumni

‎01-16-2020 07:48 PM

Hi

Remove your nat and try this one:

object network Net_172.12.0.0
nat (Inside,Outside) dynamic interface

If not working, can you share the full config please?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Fantas
Level 1
Level 1
In response to Francesco Molino

‎01-20-2020 08:54 PM

Thanks it works.

 

Actual I used ip address instead of interface.

 

But did same you mentioned , nat under object

 

0 Helpful

Francesco Molino
VIP Alumni
VIP Alumni
In response to Fantas

‎01-21-2020 07:34 PM

Ok good. Ip is good if you want to have a nat on a different ip than the outside interface

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

johnlloyd_13
Level 9
Level 9

‎01-17-2020 06:50 AM

hi,

is the 172.12.0.0/16 directly connected on the ASA? or is there a router/L3 device behind it?

if it's the latter, then you'll need a static route to reach the said subnet.

route inside 172.12.0.0 255.255.0.0 <router hop ip> 1

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card