11-27-2010 10:56 PM - edited 03-04-2019 10:35 AM
Hi All,
Please find the attached Network diagram to get the ready ref for my question......
See, I need internet browsing from my private LAN segment 172.16.34.0/24 ( created on L3 switch as VLAN 42, mentioned because default VLAN 1 is down due to security reasons. )
Now, I have configured my L3 switch, Internet Router & ASA all the way for getting ping reply to my Public DNS ( 121.242.190.210 ) as well Internet Router next hop ( gateway, 111.93.160.37/30 ) from my private LAN VLAN 42 ( 172.16.34.0/24 )
I have done the config and getting all the ping reply, even nslookup is working from any end user desk.....but still internet page not opening from end user PC....I think http traffic not coming or name resolution not working....
Please look into the router config......and suggest me what I should further, or is there anything to allow in ASA firewall ?
NB:- The internet link is working find that I checked by connecting the ISP UTP connection coming from their mux....into laptop and putting an public and all.
Thanks in Advance....
Regards - Sujit
11-29-2010 08:45 AM
Hello Sujit,
at first I would test accessing a web page from the same PC that can ping the public DNS, using the ip address though, not the name (ex. ping 74.125.79.99 or any other ip address for www.google.com).
If this works, you have problems with the DNS requests.
Otherwise you may want to look at the ASA configuration, for what's regarding the NAT or the types of traffic that's allowed to be forwarded.
Hope it helps,
Antonio
11-29-2010 12:06 PM
Hi,
even nslookup is working from any end user desk
so this is probably not a dns problem
Can you do a packet-tracer on the asa for web traffic coming from your LAN users and post what it is telling.
Regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide