12-10-2012 03:14 PM - edited 03-11-2019 05:35 PM
Hi all,
I am setting up a ASA 5510 for the first time using the GUI.
I have set 0/0 as the Outside and 0/1 as Inside.
I have configured the Outside with the static WAN address and it has connected to my ISP.
But I just cannot get any Internet working on the Inside port. I read somewhere else I need to add static route. Can someone please advise?
Solved! Go to Solution.
12-10-2012 03:39 PM
You need to place a default route to carry the traffic from inside to outside. Use the gui to place a static route from 0.0.0.0 0.0.0.0 to the ip of your next hop ip of the isp connection.
Sent from Cisco Technical Support Android App
12-10-2012 03:39 PM
You need to place a default route to carry the traffic from inside to outside. Use the gui to place a static route from 0.0.0.0 0.0.0.0 to the ip of your next hop ip of the isp connection.
Sent from Cisco Technical Support Android App
12-14-2012 04:39 AM
Hi,
IPs are just made up.
I added this static route in, but I still cannot ping anything. Under the interface status, both inside and outside report as UP.
I changed the outside to pick up address by isp dhcp which it does 87.32.32.160/8
But when my ISP gave me the details, they put 87.32.32.160/30
And the defaulty gateway address I am using is the next hop ip. 87.32.32.161
Any thoughts?
12-14-2012 05:22 AM
Hello,
You need to add the ICMP inspection in order to allow ping through, please try the following commands:
clear config fixup
!
policy-map global_policy
class inspection_default
inspect icmp
Make sure from the ASA itself you can ping out.
Regards,
Juan Lombana
Please rate helpful posts.
12-14-2012 06:02 AM
Hi,
If you are using DHCP for the ASA outside interface IP the DHCP should provide a default route for your ASA and you dont have to configure it yourself.
To my understanding this is configured with:
"ip address dhcp setroute" where the "setroute" will enable you to get the default route with DHCP.
Dont know if this has anything to do with your problem but thought I'd mention it just incase.
- Jouni
12-14-2012 07:20 AM
I am using the GUI, could you advise of instructions for this.
I can browse to google using one of Google's IP addresses 173.194.66.105
So the connection is up and working. DNS is not. google.com doesnt resolve.
I don't have a DNS Server, so can I make use of the ISP's dns addresses which I do have?
Where should these be placed?
12-14-2012 07:27 AM
Hi,
Yes, you should use the ISPs DNS servers.
Either you configure the DNS staticly on the actual PCs network adapter settings or if your LAN users are using DHCP from the ASA then you need to configure the DNS servers under the ASAs DHCP configurations.
Are your LAN PCs configured staticly or do they use DHCP? If they use DHCP where is DHCP configured?
If you can actual PING/ICMP something behind the ASA (like the mentioned Google) then you dont need to touch your interface configurations as they seem to be working fine.
- Jouni
12-17-2012 02:43 AM
Thank you that worked.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide