10-31-2016 02:39 AM - edited 03-12-2019 01:28 AM
Morning / Afternoon
I have an ASA 5508 that at present seems to be working on the whole ok, up until I added a new network to one of the spare interfaces.
Directly attached to the ASA is the;
'Outside Interface' - connected directly to our ISPs router for internet access
'Inside Interface' - leads to the AD wired network, provides DHCP, DNS, NAP services
'Wireless Interface' - speaks for itself. Uses services provided by the inside interface.
'Apple Network' - speaks for itself. Uses services provided by the inside interface.
'PrestonSchool' - This is the interface I am having issues with.
Any client attached to the PrestonSchool Interface can ping any IP address on the net and get a response, it can not however ping a FQDN as the request doesn't get resolved. Neither can a client bring up any web pages using an IP. The DNS servers used are the same as for the AD network which work fine.
The error I get when trying to ping a FQDN is as follows:
6 | Oct 25 2016 | 14:34:03 | 162.13.113.100 | 53 | 172.20.239.250 | 56207 |
Routing failed to locate next hop for UDP from Outside:162.13.113.100/53 to Inside:172.20.23250/56207 |
The IP address of 162.13.113.100 is the address of the ISP's DNS server. I have tried other external DNS servers wit the same result. If however I point it to the DNS on the 'Inside' interface it resolves fine but can still not get a web page.
Ok I know the ASA is not a router, but it must be aware of the IP address attached to each of the interfaces? I have not had any issues on any of the other interfaces just this one.
Clearly this is a routing issue but I'm not quite clear as to why the issue has arisen as it hasn't on the other interfaces, or how to resolve it - so any help greatly appreciated.
I have attached the config.
11-03-2016 05:30 AM
anyone?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide