Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
621
Views
0
Helpful
2
Replies

Internet Router / ASA Configuration to get http traffics

sdasgupta
Level 1
Level 1

‎11-27-2010 10:56 PM - edited ‎03-04-2019 10:35 AM

Hi All,

Please find the attached Network diagram to get the ready ref for my question......

See, I need internet browsing from my private LAN segment 172.16.34.0/24 ( created on L3 switch as VLAN 42, mentioned because default VLAN 1 is down due to security reasons. )

Now, I have configured my L3 switch, Internet Router & ASA all the way for getting ping reply to my Public DNS ( 121.242.190.210 ) as well Internet Router next hop ( gateway, 111.93.160.37/30 ) from my private LAN VLAN 42 ( 172.16.34.0/24 )

I have done the config and getting all the ping reply, even nslookup is working from any end user desk.....but still internet page not opening from end user PC....I think http traffic not coming or name resolution not working....

Please look into the router config......and suggest me what I should further, or is there anything to allow in ASA firewall ?

NB:- The internet link is working find that I checked by connecting the ISP UTP connection coming from their mux....into laptop and putting an public and all.

Thanks in Advance....

Regards - Sujit

Labels:
76011-Network_Arch.zip
0 Helpful
2 Replies 2

antasson
Level 1
Level 1

‎11-29-2010 08:45 AM

Hello Sujit,

at first I would test accessing a web page from the same PC that can ping the public DNS, using the ip address though, not the name (ex. ping 74.125.79.99 or any other ip address for www.google.com).

If this works, you have problems with the DNS requests.

Otherwise you may want to look at the ASA configuration, for what's regarding the NAT or the types of traffic that's allowed to be forwarded.

Hope it helps,

Antonio

0 Helpful

cadet alain
VIP Alumni
VIP Alumni
In response to antasson

‎11-29-2010 12:06 PM

Hi,

even nslookup is working from any end user desk

so this is probably not a dns problem

Can you do a packet-tracer on the asa for web traffic coming from your LAN users and post what it is telling.

Regards.

Don't forget to rate helpful posts.
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card