07-25-2018 12:51 PM - edited 02-21-2020 08:01 AM
Hello I have a 5505 that I can't access the outside network from the inside. I can ping from the firewall outside. From inside connected to my laptop I can ping my gateway but can't ping outside or browse the web. I'm inspecting icmp and I set the DNS servers. I can see the nat translations happening but I'm missing something. Any help in figuring out what I'm missing would be greatly appreciated.
07-25-2018 01:17 PM
Can you post your config?
07-25-2018 01:21 PM - edited 07-26-2018 08:53 AM
07-25-2018 01:27 PM
You can try running the following command to see where it fails.
packet-tracer input inside tcp <your laptop IP Address> 23456 184.108.40.206 443 detail
See the step where it fails
07-25-2018 01:57 PM
Thanks I ran that packet trace and here's the results from that. Result:
07-25-2018 02:26 PM
Could you try using the outside interface for the NAT since you can access the outside from the firewall?
object network obj_any
nat (inside,outside) source dynamic interface
07-26-2018 10:13 AM
That works if I set the the outside interface to NAT but then it shows my external IP as my outside interface address instead of the NAT address I want to use. I'll figure that part out though. Thanks for the help Troy.
07-25-2018 10:03 PM
Confirm that your inside interface is assigned to vlan 1
switchport access vlan 1
Also confirm you have a static route to your inside subnets.
route inside 10.0.0.1 255.255.255.0
PS:- word to the wise DO NOT post your company's configs to this public forum especially your ASA configs. Soon or later your company's cybersecurity team will find this post and you will probably get fired.
** username admin password ***
As you can see the config is now permanently cached on google for all to see.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: