ASA with two trusted interfaces

MatsHellman

I'm going nuts with this ASA5505. This is a secondary firewall used only in emergencies when the primary Checkpoint fails.

The basics, it has two trusted interfaces, E0/1 and E0/2-6. E0/1, inside2 has 192.168.01/29 and inside is 192.168.200.1/24.  I'd like any traffic to be allowed from inside and inside2 to outside and any traffic from the inside interfaces should be routed. No restrictions should apply between the two interfaces.

inside works just fine but no traffic is going out of inside2, not to outside or to inside.


varrao

Can you share your configuration? That would make it easier.

Varun

Thanks,
Varun Rao

ASA5505# show running-config
: Saved
:
ASA Version 8.2(1)
!
hostname ASA5505
enable password d5uVb34W3WysZeUQ encrypted
passwd d5uVb34W3WysZeUQ encrypted
names
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.200.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 91.150.44.37 255.255.255.248
!
interface Vlan15
nameif inside2
security-level 100
ip address 192.168.0.1 255.255.255.248
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
switchport access vlan 15
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
ftp mode passive
clock timezone EEST 2
clock summer-time EEDT recurring last Sun Mar 3:00 last Sun Oct 4:00
dns domain-lookup inside
dns domain-lookup outside
dns server-group DefaultDNS
name-server 8.8.8.8
name-server 8.8.4.4
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
access-list dmz_access_in remark Implicit rule: Permit all traffic to less secure networks
access-list dmz_access_in extended permit ip any any
access-list inside_access_in extended permit ip any any
access-list inside_access_in extended permit tcp any any eq ssh
pager lines 24
logging enable
logging asdm debugging
mtu inside 1500
mtu outside 1500
mtu inside2 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any outside
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
access-group inside_access_in in interface inside control-plane
route outside 0.0.0.0 0.0.0.0 91.150.44.33 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa authentication enable console LOCAL
aaa authentication ssh console LOCAL
aaa authorization command LOCAL
http server enable
http 192.168.200.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh 192.168.200.0 255.255.255.0 inside
ssh timeout 5
ssh version 2
console timeout 0
management-access inside
dhcpd auto_config outside
!

threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 87.108.20.70 source outside prefer
webvpn
username admin01 password SMkUnOJcgOVHlyRx encrypted privilege 15
!
!
prompt hostname context
Cryptochecksum:05f052044953a19c020dcf217571cd86
: end

Trying to figure out the rules, so right now it's just the basic setup. Getting interface2 out to the internet would be an improvement. inside works for the moment but I can't access inside2 from inside.

same-security-traffic permit inter-interface command seems to be missing in this config which will allow inside to communicate inside2.

I might have been a little hasty. The traffic flows between the two inside networks now, but inside2 still can't access the outside. Even if the rules for Inside and Inside2 are the same.

Add this in your configuration then test the connections.

nat (inside2) 1 0.0.0.0 0.0.0.0

Thanks

Ajay
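The two fixes given in this thread (permit traffic between the equal security-level interfaces, and give inside2 its own nat rule for the outside global pool) can be checked mechanically against a saved running-config before a failover to this box is ever needed. The script below is an added example written for this page, not code from the thread or from Cisco; it parses the interface blocks and the nat/global lines of an 8.2-style config (nat-control semantics are assumed) and reports why traffic from each inside interface would be dropped. The embedded sample is a constructed, abbreviated copy of the config posted above, with and without the two lines the replies add.

```python
import re

# Constructed sample: an abbreviated copy of the running-config posted in the
# thread, keeping only the lines the checks below inspect.
ORIGINAL_CONFIG = """\
interface Vlan1
nameif inside
security-level 100
ip address 192.168.200.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address 91.150.44.37 255.255.255.248
!
interface Vlan15
nameif inside2
security-level 100
ip address 192.168.0.1 255.255.255.248
!
nat-control
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
route outside 0.0.0.0 0.0.0.0 91.150.44.33 1
"""

# The same config with the two lines the replies add.
FIXED_CONFIG = ORIGINAL_CONFIG + """\
same-security-traffic permit inter-interface
nat (inside2) 1 0.0.0.0 0.0.0.0
"""


def parse_interfaces(config):
    """Return {nameif: security-level} for every named interface block."""
    interfaces = {}
    current = None
    for raw in config.splitlines() + ["!"]:   # trailing "!" flushes the last block
        line = raw.strip()
        if line.startswith("interface "):
            current = {}
        elif line == "!":
            if current and "name" in current and "level" in current:
                interfaces[current["name"]] = current["level"]
            current = None
        elif current is not None and line.startswith("nameif "):
            current["name"] = line.split()[1]
        elif current is not None and line.startswith("security-level "):
            current["level"] = int(line.split()[1])
    return interfaces


def audit(config):
    """Return a list of findings explaining why traffic would be dropped."""
    findings = []
    interfaces = parse_interfaces(config)
    text = "\n".join(l.strip() for l in config.splitlines())
    lines = set(text.splitlines())

    # Check 1: interfaces sharing a security level are isolated from each
    # other until same-security-traffic permit inter-interface is configured.
    by_level = {}
    for name, level in interfaces.items():
        by_level.setdefault(level, []).append(name)
    if "same-security-traffic permit inter-interface" not in lines:
        for level, names in sorted(by_level.items()):
            if len(names) > 1:
                findings.append(
                    "same-security-traffic permit inter-interface missing: "
                    + " and ".join(sorted(names))
                    + f" (both security-level {level}) cannot reach each other")

    # Check 2: with nat-control on (8.2 and earlier), a higher-security
    # interface needs a nat rule whose id matches a global pool on the outside
    # interface, or its outbound traffic gets no translation and is dropped.
    if "nat-control" in lines and interfaces:
        outside = min(interfaces, key=interfaces.get)   # lowest security level
        global_ids = set(re.findall(r"^global \(%s\) (\d+) " % re.escape(outside), text, re.M))
        nat_ids = {}
        for m in re.finditer(r"^nat \((\S+)\) (\d+) ", text, re.M):
            nat_ids.setdefault(m.group(1), set()).add(m.group(2))
        for name in interfaces:
            if name != outside and not nat_ids.get(name, set()) & global_ids:
                findings.append(
                    f"nat-control is on but {name} has no nat rule matching a "
                    f"global pool on {outside}; {name} to {outside} traffic is dropped")
    return findings


if __name__ == "__main__":
    for label, cfg in (("posted config", ORIGINAL_CONFIG), ("fixed config", FIXED_CONFIG)):
        print(label + ":")
        for f in audit(cfg) or ["no findings"]:
            print("  -", f)
```

Run against the posted config it reports both problems the replies found; run against the fixed config it reports nothing. Feed it the output of `show running-config` from a standby unit as part of a periodic check and a missing nat or same-security-traffic line surfaces long before the Checkpoint goes down.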

I forgot the dynamic nat rule while testing. So everything works as it should now. Thanks guys.

While we are here, in inside2 there is a router 192.168.0.2 and behind it is the 192.168.100.0/24 network. To get the ASA to route to it I only need to add a static route right?

Yes

route inside2 x.x.x.x x.x.x.x pointing to 192.168.0.2
