Solved: ASA 5505 issue

jm.virtual01 · ‎09-13-2017

I have ASA 5505. In my network, i have created a new VLAN 10.43.25.x/24 and the user from this vlan can't go on internet. I can ping the firewall from this vlan. I have allow route in the firewall for this network.

My firewall is ASA 5505 and two interfaces are configured, inside and outside. Also configured switchport.

Configuration for inside and outside interface is,

interface Ethernet0/1
description Inside
switchport access vlan 2

!
interface Vlan2
description INSIDE
nameif inside
security-level 100
ip address 192.16.71.2 255.255.255.0

interface Ethernet0/0
description OUTSIDE
interface Vlan1
description OUTSIDE
nameif outside
security-level 0
ip address 90.85.135.122 255.255.255.248

All the other switch ports are in acces more for outside interface but not in use.

From previous network192.168.15.x (vlan 2), 192.168.16.x (vlan 4) i can go on internet but not from 10.43.25.x (vlan 101).

What should be the inssue ?

Seb Rupik · ‎09-13-2017

Hi there,

You are most likely missing NAT configuration for your new VLAN.

What is the output of:

sh run nat

cheers,

Seb.

View solution in original post

Seb Rupik · ‎09-13-2017

Hi there,

You are most likely missing NAT configuration for your new VLAN.

What is the output of:

sh run nat

cheers,

Seb.

Spooster IT Services · ‎09-13-2017

Hi jm.virtual01,

Can you please show me the complete configuration of the ASA?

Can you please run packet tracer on ASA as mentioned below and share the output?

packet-tracer input inside tcp 192.16.71.100 15151 8.8.8.8 80 detailed

Spooster IT Services Team