Recently, i have installed ASA-5512x. Internal users (LAN) are able to browse different web sites. However, when executing ping to any of these websites they get the "Request Timed out" response.
I guess there is something wrong on the ASA configuration. But since i'm a beginer i want to share with you the problem to get a little bit of helpful informations.
PS: access lists are configured to allow all type of traffic from the local network's vlans to the external network (internet). Also, it's important to know that the ASA isn't configured in bridged mode so the public IP address is located on the modem.
Thank you for help
Hi, I don't know how is configured the interfaces name of your ASA, however i suppose you have inside for local network interface and outside for external networks default name, for local and external ISP connection. If so, it means that you don't need ACLs to permit traffic from the inside to the outside, due to the stateful mode.
The Traffic from the owest security level, to the highest security level will be always allowed. (When you have inside and outside as default names for interfaces, the ASA will add default security levels)
Regarding the original problem to fix the ping try this command from the configuration mode:
fixup protocol icmp
If it doesn't work please post the output for:
Show run icmp
Personally, I think you'd be better off adding to your global policy "inspect icmp". Do a "show run policy-map".
Here's mine for reference:
inspect dns preset_dns_map
inspect h323 h225
inspect h323 ras
inspect icmp error