cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1429
Views
5
Helpful
7
Replies

ASA 5505

David Joseph
Level 1
Level 1

Hello I have a 5505 that I can't access the outside network from the inside. I can ping from the firewall outside. From inside connected to my laptop I can ping my gateway but can't ping outside or browse the web. I'm inspecting icmp and I set the DNS servers. I can see the nat translations happening but I'm missing something. Any help in figuring out what I'm missing would be greatly appreciated.

7 Replies 7

Troy Jackson
Level 1
Level 1

Can you post your config?

 

Please remember to rate useful posts, by clicking on the star below.
-Troy J.






You can try running the following command to see where it fails.

 

packet-tracer input inside tcp <your laptop IP Address> 23456 8.8.8.8 443 detail

 

See the step where it fails

 

 

Thanks I ran that packet trace and here's the results from that. Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: outside
output-status: up
output-line-status: up
Action: allow

Could you try using the outside interface for the NAT since you can access the outside from the firewall?

 

ex. 

object network obj_any

nat (inside,outside) source dynamic interface

 

Please remember to rate useful posts, by clicking on the star below.
-Troy J.

That works if I set the the outside interface to NAT but then it shows my external IP as my outside interface address instead of the NAT address I want to use. I'll figure that part out though. Thanks for the help Troy.

dasiimwe
Level 1
Level 1

Confirm that your inside interface is assigned to vlan 1 

 

interface Ethernet0/1
switchport access vlan 1

 

Also confirm you have a static route to your inside subnets.

 

route inside 10.0.0.1 255.255.255.0

 

PS:- word to the wise DO NOT post your company's configs to this public forum especially your ASA configs. Soon or later your company's cybersecurity team will find this post and you will probably get fired.

** hostname:UNI**

** username admin password ***

As you can see the config is now permanently cached on google for all to see.

 

https://www.google.com/search?&q=unitrendsasa

 

Review Cisco Networking for a $25 gift card