Solved: Hi,OK on the ASA the 192.168

mercdecember · ‎09-26-2015

I have a cisco router and behind it is an asa 5505

I had to blow out the config from my router and recreate it due to a major blunder on my part so I have everything up and running however for some reason my asa cannot ping the outside, but it can ping my router at 50.0.0.1.

Also my asa is hosting anyconnect, which works fine when I browse to it locally at https://192.168.5.2, however when the nat rule on my router does not seem to work so I cannot browse to it on the web

I am sure there is something I am missing on this, does anyone have any ideas about what I can do to resolve this?

Attached are my configs

Richard Bradfield · ‎09-27-2015

Hi,

OK on the ASA the 192.168.5.0/30 is the L3 link to the Internet router, I think perhaps you need to put the "ip nat inside" command on the vlan 5 config of the router. To ping the outside the ASA will use its outside interface, and that has to be translated to routers public address to go out to the Internet.

I don't quite understand the second part of your question, so you are saying when you use anyconnect to 192.168.5.2 from inside it works , but not from the Internet!

View solution in original post

Richard Bradfield · ‎09-27-2015

Hi,

OK on the ASA the 192.168.5.0/30 is the L3 link to the Internet router, I think perhaps you need to put the "ip nat inside" command on the vlan 5 config of the router. To ping the outside the ASA will use its outside interface, and that has to be translated to routers public address to go out to the Internet.

I don't quite understand the second part of your question, so you are saying when you use anyconnect to 192.168.5.2 from inside it works , but not from the Internet!

cisco asa cannot ping out and nat does not work when behind cisco router