Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1132
Views
0
Helpful
5
Replies

Asa Firewall 9.14 unable to get internal server outside to Internet

Go to solution
gashi.kadri
Level 1
Level 1

‎02-19-2022 08:27 AM

Im trying to setup my asa 5506x Firewall to my company , 

I have Exchange Server in my current setup and it is working well using ASA FIREWALL 5520 with version 8.2 

I have set the new ASA but i can not getting work like the current bcs the setup is different on ASa 5506x with version 9.14 

 

i have public ip addresses in both WAN IP 

I want that when uses from internet trying to reach my public ip they get responce from 192.168.88.95 which is my exchange sever in VLAN 60 

 

 

 

 

 

Preview file
3 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sheraz.Salim
VIP
VIP
In response to gashi.kadri

‎02-21-2022 02:34 AM

Just to confirm have you check your dns server pointing to right DNS ip address/es

please do not forget to rate.

View solution in original post

0 Helpful
5 Replies 5

Go to solution
Sheraz.Salim
VIP
VIP

‎02-21-2022 12:18 AM

your nat rules look good. also add the nat rule for your back up internet line too.

what you see when you do a packet tracer.

 

packet-tracer input VLAN10 tcp 8.8.8.8 1234 X.X.X.X 80 detail

where x.x.x.x is your public internet Ip address.

please do not forget to rate.
0 Helpful

Go to solution
gashi.kadri
Level 1
Level 1

‎02-21-2022 12:52 AM

HI Sharaz i have fixed some of my rules what i have  used portforwarding for my exchange server so the server is reachable from out now but not reachable from VLANs 

i can reach from outside interner but not from internal using mail.mycompany.com 
but not from vlans 

0 Helpful

Go to solution
Sheraz.Salim
VIP
VIP
In response to gashi.kadri

‎02-21-2022 01:03 AM

You mentioned you can not reach server from internal vlans. for these vlans the default gateway is the firewall?

 

1. In your firewall configuratons your security-level of vlan60 is security-level 50 where as your other vlans have security-level 100. now from higher (for example security-level 100 to security-level 50) lower is allowed. what you see in syslog messages?

 

2. for mail.mycompany.com is the DNS entry is setup correctly? can you ping the ip address or can you reach the web-page using the ip address?

 

is there a router behind the firewall?

 

 

please do not forget to rate.
0 Helpful

Go to solution
Sheraz.Salim
VIP
VIP
In response to gashi.kadri

‎02-21-2022 02:34 AM

Just to confirm have you check your dns server pointing to right DNS ip address/es

please do not forget to rate.
0 Helpful

Go to solution
gashi.kadri
Level 1
Level 1
In response to Sheraz.Salim

‎02-21-2022 02:37 AM

thank you sharaz salim it was the dns who has causing this problem 

the dns server that i have inside my company .

i removed the dns entries and everythink is working fine thank to you 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card