Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
426
Views
10
Helpful
5
Replies

ASA basic configuration - NAT and pinging externally

twhittle1
Level 1
Level 1

‎05-28-2016 02:28 PM - edited ‎03-12-2019 12:48 AM

Hi All,

I'm trying to get to grips with ASAs, I'm used to routers and switches, haven't touched an ASA before this week and I'm trying to get one working however I am stumbling all over the place.

Can someone give me a jump start because I thought I was ok at "this networking lark" but now I'm struggling to get an ASA to even talk to the internet, so I'm feeling a little silly about now.

I have wiped the ASA, been through the startup wizard in ADSM and added ICMP to the default service policy rule inspection. I have my ASA directly connected to an ADSL modem and the outside interface has successfully  picked up the ip address via DHCP. The interface is set to "obtain default route using DHCP". There is a default route showing in the routing table: d*   0.0.0.0 0.0.0.0 [1/0] via x.x.x.x, outside

I have configured NAT translation

object network obj_any
nat (inside,outside) dynamic interface

object network obj_any
subnet 0.0.0.0 0.0.0.0

I cannot ping the ASA outside interface from the inside client.

I cannot ping 8.8.8.8 from the ASA - I get ????? as a result.

Can anyone help? Am I missing something really simple? Or am I being really silly?

Happy to post some config but I didn't want to clutter the initial post.

Many Thanks,

Tom

Labels:
0 Helpful
5 Replies 5

Philip D'Ath
VIP Alumni
VIP Alumni

‎05-28-2016 08:16 PM

Try adding "icmp error" to the default inspection policy.

ansarjavaid54
Level 1
Level 1

‎05-28-2016 11:33 PM

Hi there.

Just add your subnet in same nat translation rule like..

object network obj_any

subnet 0.0.0.0 0.0.0.0

nat (inside,outside) dynamic interface...

Hopefully this will work and please Rate the correct answer..

twhittle1
Level 1
Level 1
In response to ansarjavaid54

‎05-31-2016 02:19 AM

Thanks both, I'll give these a try later and let you know the results. 

Regards,

Tom

0 Helpful

twhittle1
Level 1
Level 1
In response to twhittle1

‎06-01-2016 01:15 AM

Hi Both,

Both of these were already configured so sadly they didn't work. However last night I put an 877 router in between the ASA and the Internet and suddenly everything started working (after I swapped the dhcp info for a static IP / route on the outside interface). I'm wondering if there's something wrong / amiss between the ADSL modem and the ASA. 

Thanks both for your assistance and suggestions.

Regards,

Tom

0 Helpful

Philip D'Ath
VIP Alumni
VIP Alumni
In response to twhittle1

‎06-01-2016 07:50 AM

There must be a configuration issue between the ADSL modem and the ASA.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card