ASA 5505 - PPPOE, No PC Client Access to the Internet

vdinenna71 · ‎10-29-2013

The setup is simply this: Verizon D-Link DSL Modem/Router in bridge mode (ethernet ATM bridge) to ASA5505 to PCs.

The PCs get an IP address, default gateway, DNS server IPs from ASA5505.

Win 7 and XP Pro PCs get IPs, but message warning "No Internet Access" in the task bar.

Show Interface VLAN2 showing a routable IP address distributed by Verizon server. VPDN PPPoE commands seem to be working.

Reloading ASA, then checking the interface, same IP was distributed. Unplugging power from ASA, same IP was distributed.

In sh Inter vlan2 command did show Dropped Packets.

The ASA5505 can PING next hop at Verizon. ASA can PING PCs and visa-vera. PCs can PING each other through ASA switchports.

I tried different DNS servers settings, including Google 8.8.8.8 DNS server. Installed DNS IP directly on PC.

Tried different cables on the LAN.

Changed MTU to 1492, 1460 and 1500 and variations of these on both Inside and Outside interfaces.

ASA routing table shows Verizon next hop.

Added default route manually.

There are no access-lists.

Ran the Clear Xlate command.

None of the above worked for me.

I've attached the config from the ASA5505.

If someone could tell me if it's missing or needs a command, it would be a great help.

Thanks,

Vince

Karsten Iwen · ‎10-29-2013

The general config seems ok to me. But your vpnclient-setting could stop all internet if the central site you connect to is not configuring for providing internet-access. To make sure that the local ASA can provide internet to the client you could disable the "vpnclient"-setup and test again.

--
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni