Go to console CLI and copy this below lines.  This is enable dynamic nat to access the Internet.

config t

object network obj_any
subnet 10.0.0.0 255.255.255.0
nat (inside,Outside) dynamic interface

end

wr mem

Do I still need to do the first set of commands to create the static NAT?

Presently this is how it is configured.

Management computer is set connected to the Console port for CLI and the GE MGMT port for ASDM. 

Port 1 is connected to the switch which is connected to the ISP 

Port 2 is connected to the test laptop which presently gets an IP address from the firewall which is also doing DHCP ( I will disable that after), but it does not browse the internet.

"Do I still need to do the first set of commands to create the static NAT?"

No you don't need to do the first set of command to access the Internet.

To access the Internet you only need below commands and make sure your inside interface is connected to internal switch.

- - - - - - - - - - - - - - - - - - - - - - - - - - 

config t

object network obj_any
subnet 10.0.0.0 255.255.255.0
nat (inside,Outside) dynamic interface

end

wr mem

- - - - - - - - - - - - - - - - - - - - - - - - - - 

It is still not working.

First I realised that when I did it before it did not save the config changes because it gave me an error due to the Outside interface and the management interface having the same ip scheme. I used another router internally to change the subnet which the outside interface is being connected to.

I then redid the and it gave a message indicating that it is ok however when I try to connect through the firewall I still get an exclamation mark.

I did a show interface command on the CLI and for Gigabitethernet 1/1 "Outside" it is saying IP address unassigned.

I reset the Outside interface to DHCP and it showing a correct IP address now. The test machine went from limited to connected for about a minute then reverted.

If you copied that config I provided that should enable you to access to Internet.

You may also need a static-route to push all Internet bound traffic to default gateway on your ASA, which is a next-hop address on Outside interface on your ASA.

If that does not work, then you need to follow up with someone who manages Internet connection on the next hop address.

thanks

How do I create the static route? In this case it would be going to 192.168.0.1.

Also should I make the Outside address static?

"How do I create the static route?"

route Outside 0.0.0.0 0.0.0.0 192.168.0.1

"Also should I make the Outside address static?"

Yes, it is good have a static address.  Check below.  This is on my ASA "GigabitEthernet1/0" but check your ASA whichever interface is for outside and vlaue "x" is actual host IP.

interface GigabitEthernet1/0
 nameif Outside
 security-level 0
 ip address 192.168.0.x 255.255.255.0

What about firewall rules?

I have redone the setup using the ASDM but I keep getting a DNS error. I thought this is because it is not accessing the external so I changed the security on the external to 100 and set it to allow traffic between interfaces with the same security level. I am still getting a a limited connection and windows indicates that the DNS server isn't responding. shows the internal interface as the DNS server.

Any ideas?

I am not so sure, what you have done on the ASDM GUI.

But you can post your running config from CLI, I will take a look at it.

thanks

Hi

This is the present one. I did not save the previous one.

Thanks for your continued help.

You are missing dns server info in the DHCP configuration and everything else looks good.  Below IP address are for DNS server in Canada.  You might use something local your ISP.

dhcpd dns 206.248.154.22 206.248.154.170
dhcpd domain your-domain-name.com

Thanks

How do I enter that on the Outside facing address.

Do I just type that in to the CLI?

Hi

Thank you for your help. Is there a way to connect with via Skype or similar medium to get yoru assistance? Or if you can give me a time when I can connect with you here and get your help as I work through this.

Hi

I got it working in my test environment using a combination of information from your thread and the other persons. However, I have a TP Link which is acting as my gateway/switch in my test environment with IP address 10.0.0.2, what would you recommend I use in my live environment?