Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
599
Views
5
Helpful
3
Replies

ASA5505 can reach internet but local hosts cannot.

msims
Level 1
Level 1

‎09-15-2010 12:06 PM - edited ‎03-04-2019 09:46 AM

ASA 5505.

From the console, can ping internet hosts.

Can reach the ASA from the LAN.

LAN hosts cannot reach the web.  I figure this is something to do w NAT but NAT and permissions are all set.  What is wrong?

Web connection is DSL / PPPOE.  I figure the PPPOE is pulling IP correctly since we can reach the web from the ASA.

Will attach SH RUN shortly.

Labels:
0 Helpful
3 Replies 3

msims
Level 1
Level 1

‎09-15-2010 12:36 PM

sh run attached

72158-sh run.txt.zip
0 Helpful

Nagaraja Thanthry
Cisco Employee
Cisco Employee
In response to msims

‎09-15-2010 12:58 PM

Hello,

What is the DNS server address? Can you try using 4.2.2.2 and see if that helps? If that did not work, please try the following:

access-list outside_access_in permit icmp any any echo-reply

access-group outside_access_in in interface outside

icmp permit any outside

Hope this helps.

Regards,

NT

msims
Level 1
Level 1
In response to Nagaraja Thanthry

‎09-15-2010 01:32 PM

Wonderful!  Tried two different dns servers thinking that was the issue but I guess both were failing.  And allowed the ICMP replies in and now pings can respond fine to the router or to internal hosts.  So simple sometimes!

Thank you!
-mike

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card