Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
632
Views
0
Helpful
5
Replies

Cannot get a Internet connection from my CISCO ASA 5510 to my Managed CISCO

andrewgarber
Level 1
Level 1

‎06-19-2008 06:38 AM - edited ‎03-03-2019 10:25 PM

Cannot get a Internet connection from my CISCO ASA 5510 from my Managed CISCO 1841. Standard T-1 Connection from MegaPath.

Updated the CISCO Configuration, please help I know something is causing a issue with a route? I cannot even PING the DNS Servers at Megapath.

The T1 router is configured with NAT off.

Usable IP addresses, for the local network, are as follows:

IP's: 64.32.187.162 through 64.32.187.174 Subnet mask for all IP addresses: 255.255.255.240 Gateway for all IP's: 64.32.187.161 DNS for all IP's: 64.7.11.2and 66.80.131.5”

Here is my CISCO ASA 5510 Config file

Result of the command: "show running-config"

: Saved

:

ASA Version 7.0(7)

!

hostname --------INC

domain-name -------INC

enable password xxx

names

dns-guard

!

interface Ethernet0/0

nameif MEGAPATHT1

security-level 0

ip address 64.32.187.162 255.255.255.240

!

interface Ethernet0/1

nameif inside

security-level 0

ip address 192.168.189.1 255.255.255.240

!

interface Ethernet0/2

shutdown

no nameif

no security-level

no ip address

!

interface Ethernet0/3

shutdown

no nameif

no security-level

no ip address

!

interface Management0/0

nameif management

security-level 100

ip address 192.168.1.1 255.255.255.0

management-only

!

passwd xxx

ftp mode passive

same-security-traffic permit inter-interface

pager lines 24

logging asdm informational

mtu management 1500

mtu MEGAPATHT1 1500

mtu inside 1500

no failover

monitor-interface management

monitor-interface MEGAPATHT1

monitor-interface inside

asdm image disk0:/asdm-507.bin

no asdm history enable

arp timeout 14400

global (MEGAPATHT1) 10 interface

nat (management) 0 0.0.0.0 0.0.0.0

nat (inside) 10 0.0.0.0 0.0.0.0

route MEGAPATHT1 0.0.0.0 0.0.0.0 64.32.187.161 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00

timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

http server enable

http 192.168.1.0 255.255.255.0 management

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd address 192.168.1.2-192.168.1.254 management

dhcpd dns 64.x.x.2 66.80.131.5

dhcpd lease 3600

dhcpd ping_timeout 50

dhcpd domain PeminicINC

dhcpd enable management

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map global_policy

class inspection_default

inspect dns maximum-length 512

inspect ftp

inspect h323 h225

inspect h323 ras

inspect rsh

inspect rtsp

inspect esmtp

inspect sqlnet

inspect skinny

inspect sunrpc

inspect xdmcp

inspect sip

inspect netbios

inspect tftp

inspect icmp

!

service-policy global_policy global

Cryptochecksum:xxx

: end

Labels:
0 Helpful
5 Replies 5

andrewgarber
Level 1
Level 1

‎06-19-2008 06:44 AM

Some Route is wrong in the Firewall because I cannot get out.

0 Helpful

smitty6504
Level 1
Level 1

‎06-19-2008 07:30 AM

The route is wrong i would try this for the route issue:

route Megapath1 0.0.0.0 0.0.0.0 e0/0

and then also you want your inside interface to have a higher security level then your outside interface, so give this a try:

Int E0/0

security-level 100

0 Helpful

andrewgarber
Level 1
Level 1
In response to smitty6504

‎06-19-2008 07:50 AM

I agree my routes are wrong. But when I run the command

route Megapath1 0.0.0.0 0.0.0.0 e0/0

Comes back with a

ERROR: % Invalid input detected at '^' marker.

0 Helpful

smitty6504
Level 1
Level 1
In response to andrewgarber

‎06-19-2008 09:35 AM

what is the next hop from the outside of the ASA or what is the ip address of the next hop connected to e0/0

route Megapath1 0.0.0.0 0.0.0.0 (enter IP here)

0 Helpful

jignesh.p
Level 1
Level 1

‎06-19-2008 09:39 AM

Hi,

you have made mistake configuring inside interface. just look below configuration.

your configuration for Inside Interface.

----------------------------------------

interface Ethernet0/1

nameif inside

security-level 0

ip address 192.168.189.1 255.255.255.240

It should be like this

-------------------------

interface Ethernet0/1

nameif inside

security-level 100

ip address 192.168.189.1 255.255.255.240

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card