Solved: Re: Problem with ASA packet tracer

TreCani · ‎05-22-2018

Hi everybody, i'm trying to config my ASA 5505. But it drop both icmp packets and telnet connection from allowed host, also after i've created an access-list... i post the asa running conf:

names

!

interface Ethernet0/0

switchport access vlan 2

!

interface Ethernet0/1

!

interface Ethernet0/2

!

interface Ethernet0/3

!

interface Ethernet0/4

!

interface Ethernet0/5

!

interface Ethernet0/6

!

interface Ethernet0/7

!

interface Vlan1

nameif inside

security-level 100

ip address 192.168.1.1 192.168.1.0

!

interface Vlan2

nameif outside

security-level 0

ip address 192.168.255.2 255.255.255.252

!

route inside 192.0.0.0 255.0.0.0 192.168.1.5 1

route outside 0.0.0.0 0.0.0.0 192.168.255.1 1

!

access-list OUTSIDE extended permit tcp host 172.16.0.1 any eq telnet

access-list OUT-IN extended permit icmp any any

!

telnet timeout 5

ssh timeout 5

!

dhcpd auto_config outside

!

dhcpd address 192.168.1.5-192.168.1.36 inside

dhcpd enable inside

I also show you the result with a ping of a host inside

Thank you for your help

Bogdan Nita · ‎05-22-2018

I believe you did not apply the created acls to the outside interface, in order to do that for the OUT-IN acl you would need to enter the following command:

access-group OUT-IN in interface outside

HTH

Bogdan

View solution in original post

Bogdan Nita · ‎05-22-2018

I believe you did not apply the created acls to the outside interface, in order to do that for the OUT-IN acl you would need to enter the following command:

access-group OUT-IN in interface outside

HTH

Bogdan

TreCani · ‎05-23-2018

Hi Bodgan;

thank you so much!!