I have basic configurations like 

hostname(config)# nat (inside) 1 0 0
hostname(config)# global (outside) 1 interface

hostname(config)#route outside 0.0.0.0 0.0.0.0 <router interface>

I am able to ping from PC to Router IP and i can ssh to outside interface of Firewall.

thanks

Hi,

I think this configuration seems good. Are u not able to browse internet through this ASA device ?

If yes , provide me this output:-

packet input inside tcp <PC IP address on the inside> 3456 8.8.8.8 80 det

Thanks and Regards,

Vobhor Amrodia

thanks Vobhor for your quick response

I cannot browse internet through firewall. i did connect my PC directly to switch 2 port without firewall and i cannot access internet. will that be an issue? do we need to have internet connectivity through switch2 in order to allow users behind the firewall?

thanks

Hi,

Okay , can you clarify on this for me. Are you able to ping the internet from the ASA outside interface ?

Just try something like this:-

ping 4.2.2.2 .. Does this work ?

If this does not work , then i think the ASA even is not able to get to the internet and that would be a problem on the router.

Also , internet from Switch 2 is not a requirement as that is only a Layer 2 device.

You can assign the ISP allocated address on the PC , connect it to the Switch 2 port and then try to ping something on the internet or surf internet and i think that should work.

Thanks and Regards,

Vibhor Amrodia

Its working, i seems i need to add DNS entries on my PC to browse internet. is there a way we can make get this informations from gateway/firewall when we connect PC to firewall inside interface without manually enter on every PC?

thanks

Hi,

What you need is a DHCP server. If you don't have a dedicated DHCP server, you can consider enabling it on your ASA (or switch if it supports it).

http://www.cisco.com/c/en/us/td/docs/security/asa/asa82/configuration/guide/config/dhcp.html#wp1114099

Above cisco link is not opening, please provide the working link and help.