Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
278
Views
0
Helpful
2
Replies

ASA5505 - No internet access from Inside to Outside

Go to solution
kxv_vermilk
Level 1
Level 1

‎06-19-2013 01:19 PM - edited ‎03-11-2019 07:00 PM

First, I have little to no knowledge of firewalls and these types of devices.

I did folllow the setup wizard and everything appears to be fine at the completion.  However; something is not correct or missing.  I have no internet access when connected to this device.  I cannot ping or run a tracert in addition to no internet access.

I have noticed several different messages in the log as I attempt each of the above commands.

Here are a few of the messages:

- Failed to locate egress interface for UDP from inside...

- Routing failed to locate the next hop for ICMP from NP Identity....

- Deny TCP (no connection) from 192.168.1.6/2899 to 192.168.1.1/443...

I have provided my config.  It looks pretty basic to me with no big options.

Thanks for any help!

Kevin

Labels:
15362578-ASA5505_Config.txt.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jebose
Level 1
Level 1

‎06-19-2013 01:36 PM

Hi Kevin,

The dafault route us missing from config.

with the below config i am sure that you have a static ip address from isp.

------------------

interface Vlan2

nameif outside

security-level 0

ip address 173.190.xxx.xxx 255.255.255.252

-----------------

we need to add a default route to the next hop unit(isp unit).

for eg --  route outside 0 0 173.190.x.x  1     // we specifying that unknown destination based traffic should be left to next hop 173.190.xx.xx.

Let me know how it goes.

Regards,

Jesu Kumar Bose

View solution in original post

0 Helpful
2 Replies 2

Go to solution
jebose
Level 1
Level 1

‎06-19-2013 01:36 PM

Hi Kevin,

The dafault route us missing from config.

with the below config i am sure that you have a static ip address from isp.

------------------

interface Vlan2

nameif outside

security-level 0

ip address 173.190.xxx.xxx 255.255.255.252

-----------------

we need to add a default route to the next hop unit(isp unit).

for eg --  route outside 0 0 173.190.x.x  1     // we specifying that unknown destination based traffic should be left to next hop 173.190.xx.xx.

Let me know how it goes.

Regards,

Jesu Kumar Bose

0 Helpful

Go to solution
kxv_vermilk
Level 1
Level 1
In response to jebose

‎06-19-2013 01:47 PM

OK, so I feel stupid.

Thanks a bunch for the help Jesu!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card