Can not Ping Amazon domain name after bought ASA5506X

Maivoko · ‎11-09-2018

I bought ASA5506X

then I set up PAT translated to outside

and set up firewall policy to allow outbound to 8.8.8.8 and AWS.amazon.com FQDN

and set up dns 8.8.8.8 and for inside_7 true

then I connect eighth port which is inside_7 to wifi internet port which can get dhcp address

but after connect WiFi , can not Ping amazon AWS.amazon.com

Maivoko · ‎11-10-2018

Attach the Ping result

Francesco Molino · ‎11-10-2018

Hi

As we don't have the full config, i just want to make sure about something.
Can you connect to your asa in ssh and run the following command please:

packet-tracer input inside_7 tcp 12.0.0.2 12345 52.46.157.11 443 detail

Paste the output in a text file and attach it in this post.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question

Maivoko · ‎11-11-2018

How to set up ssh
As I do not know how to setup Ssh in New ASA5506X

I connect management port that can not ssh
192.168.1.2

I succeed to connect aws.amazon.com
But when it transfer to us-east-1.console.aws.amazon.com

Can not display

I just set up service rule policy to drop mismatch request and content

And allow outbound to us-east-1.console.aws.amazon.com FQDN

Do i need to add all subnet and domain name of amazon from json ?

Maivoko · ‎11-11-2018

I can ssh now

Attach config

[image: Text file]
ASAconfig11112018fromhoyeungl…
<>

Francesco Molino · ‎11-11-2018

Your attachement isn't in the post.

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question