04-09-2012 09:11 AM - edited 03-04-2019 03:57 PM
I teach in a High School and we've got about a 300 node MS Windows Network. Two MS2003 File Servers act as my DNS/WINS/DHCP servers.
We have been using a WATCHGUARD FIREBOX III to act as the router/gateway between the outside external address and my internal (10.0.0.1) gateway address.
All PCs inside the network are routed to one of the servers (10.0.0.2 or 10.0.0.4) for DNS/WINS/DHCP addressing. The servers point to 10.0.0.1 for gateway.
We are trying to replace the Watchguard Firebox with a CISCO ASA 5505 (eventually we'd like to implement VPN). When I connect the CISCO ASA, I get no internet passthrough at all.
I've gone through the quick config with ASDM software several times. Surfed the net for ideas, suggestions but still cannot get it to function properly. Since I am hard to reach (teaching all day), I will pass the details and hope a tech person there can assist me with a couple of ideas.
I am using the ASDM software to do all configurations. No command line stuff.
1. I have configured the inside address for 10.0.0.1 255.255.0.0. This is our current gateway address for all inside traffic.
2. I have configured the external address for 209.117.123.226 255.255.255.224. This is our external address on our 10mg connection.
3. I have disabled the DHCP values. We have Windows 2003 servers that take care of all DHCP, WINS, DNS. We just want the CISCO to route INTERNAL to EXTERNAL, that's it. To do that, I enable the PAT using the external interface as the IP.
When I connect the device into the network, I run ASDM. I can see internal UP, external UP, but nothing will pass through. No PCs can get to internet.
Do I need to set up Access Lists? Tell the Cisco that there is another DHCP server?
Either I'm missing something simple (I hope) or this is the most complex router I've ever dealt with. I'm starting to think maybe I should just stick with the old Watchguard Firebox.
Thanks for any help you can provide.
-Brett Penza
Holy Name High School
Worcester, MA
04-12-2012 11:02 AM
Under Configuration > Device Setup, in your interface, set your IP address info for the Internal and External interfaces; make sure it is not management only.
Under Configuration > Device Setup > Routing, set up a static route to your default gateway, ex. 0.0.0.0 0.0.0.0 GW IP.
Under Configuration > Firewall > Objects > Global Pools, create a pool with your outside interface with the 3rd option (PAT using IP address of the Interface).
Under Configuration > Firewall > Objects > Network Objects, create an object for your subnet 10.0.0.0 255.255.255.0.
Under Configuration > NAT Rules, create a rule for the Inside. Make it a Dynamic Policy from your subnet object, destination Any, translated to your Outside Interface using the PAT address pool created earlier.
Under Configuration > Access Rule, create a rule under the Inside Interface to all traffic from your subnet object to anywhere with the service you want; start with IP, then tweak it.
Good Luck
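The ASDM steps in the reply above correspond roughly to the following CLI configuration, added here as an example and not taken from either poster. It assumes ASA software earlier than 8.3 (the `global`/`nat` syntax that matches ASDM's Global Pools), uses the inside network mask from the question (255.255.0.0), and uses labelled placeholders for values the thread does not give.

```cisco
! Added example (not from the thread). Assumes ASA software earlier than 8.3.
! Interface addresses are the ones stated in the question.
interface Vlan1
 nameif inside
 security-level 100
 ip address 10.0.0.1 255.255.0.0
 no shutdown
interface Vlan2
 nameif outside
 security-level 0
 ip address 209.117.123.226 255.255.255.224
 no shutdown
!
! Default route. <ISP-GATEWAY-IP> is a placeholder: the thread does not give
! the upstream gateway address. Without this route nothing leaves the ASA.
route outside 0.0.0.0 0.0.0.0 <ISP-GATEWAY-IP> 1
!
! PAT: translate every inside host to the outside interface address.
! The nat statement must cover the whole inside network (assumed /16 here,
! taken from the inside interface mask in the question).
global (outside) 1 interface
nat (inside) 1 10.0.0.0 255.255.0.0
!
! Inside access rule: start with IP from the inside network to any,
! then narrow it to the services actually needed.
access-list inside_access_in extended permit ip 10.0.0.0 255.255.0.0 any
access-group inside_access_in in interface inside
!
! Checks after applying (10.0.0.50 is a constructed sample host and
! <OUTSIDE-TEST-IP> a placeholder for any reachable Internet address):
!   show route        confirm the default route is installed
!   show xlate        PAT entries should appear once a PC browses
!   packet-tracer input inside tcp 10.0.0.50 1025 <OUTSIDE-TEST-IP> 80
```

The `packet-tracer` output names the phase (route lookup, NAT, access list) at which a packet is dropped, which separates a missing default route from a NAT or access-rule problem.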