06-19-2017 08:55 AM - edited 03-05-2019 08:43 AM
I'm trying to get my clients connected to inside to route to the internet. My current set up is:
inside: 192.168.10/24
outside 192.168.1.10
DSL: 192.168.1.254
Outside is connected to my DSL router. DHCPD is set up on inside, outside is static. When I connect via my 1242AG on my phone, it tells me "internet may not be available". I also tried via a laptop direct on the ASA. It was showing the gateway as 192.168.10.1, so I set dhcpd option 3 to 192.168.1.254. I have set route outside 0.0.0.0 0.0.0.0 192.168.1.254 and show route gives:
Gateway of last resort is 192.168.1.254 to network 0.0.0.0
C 192.168.10.0 255.255.255.0 is directly connected, inside
C 192.168.1.0 255.255.255.0 is directly connected, outside
S* 0.0.0.0 0.0.0.0 [1/0] via 192.168.1.254, outside
I can ping 8.8.8.8 from the ASA CLI. I also tried setting option 3 as 192.168.10.1, that also didn't work. I also tried 192.168.1.10, same issue. It is showing the gateway change on ipconfig, but it doesn't seem to want to properly route between the two zones.
Trying to add route inside 192.168.10.0 255.255.255.0 192.168.1.254 or route inside 192.168.10.0 255.255.255.0 192.168.1.10 says "ERROR: Cannot add route, connected route exists" so I'm not sure what is wrong here.
The DSL's gateway is 107.203.56.1, and it's IP is 107.203.56.23. But since I can ping externals from the ASA CLI, I don't think this information needs to be set anywhere.
Solved! Go to Solution.
06-19-2017 09:59 AM
Hi matthunt2063,
You need to configure PAT for your LAN subnet. Try the following config:-
object network LAN
subnet 192.168.10.0 255.255.255.0
nat (inside,outside) dynamic interface.
Please rate if this is helpful.
06-19-2017 09:59 AM
Hi matthunt2063,
You need to configure PAT for your LAN subnet. Try the following config:-
object network LAN
subnet 192.168.10.0 255.255.255.0
nat (inside,outside) dynamic interface.
Please rate if this is helpful.
06-20-2017 03:04 PM
I did that, and I also realize after looking over my config I had both zones set to security of 0. So I set the inside back to 100. Not sure which did the trick, but I'm marking you a 5 & "correct answer"!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide