ASA 5510 Setup Communication between two interfaces

dhavalp
Level 1

I'm a newbie to the Cisco world so bear with me -- We have an ASA 5510 - I'm doing all configurations through the ASDM not CLI. So please excuse my ignorance.

Eth0/0 - WAN

Eth0/1 - LAN (10.0.0.0/24) (99 Security Level)

Eth0/3 - GuestWifi (10.0.40.0/24) (99 Security Level)

The goal is to have Eth0/3 use the internal DNS server in the Eth0/1 interface to resolve DNS queries. I've attempted to configure NAT Exempt:

Interface - GuestWifi

Source - Any

Destination - LAN

NAT Exempt Direction - Nat Exempt inbound traffic from interface TTCGuest to higher security interfaces.

Also - configured Access Rules to allow DNS traffic 53 UDP.  

Nothing is working, what am I doing wrong?

Thanks in advance!

D

15 Replies

Thanks for posting the running config. This is helpful. You tell us that packet tracer shows it fails in NAT. But that does not seem to be what you posted, which is:

Info: (acl-drop) Flow is denied by configured rule

It is interesting that when you select show rule in NAT that it shows that it seems to be involving LAN to WAN. Perhaps we can investigate this. But first there is a different issue that you need to address.

I see this line in the config:

access-group GuestWifi_access_in in interface GuestWifi

But the access list that it references is not in the config that you posted. Either configure the access list or remove the access-group command.

HTH

Rick
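
The check described in the reply above (an access-group bound to an interface whose access list is missing from the config) can be automated over a saved running config. This is an added example, not part of the thread; the config fragment is constructed, and only the GuestWifi access-group line and the interface names and security levels come from the posts.

```python
import re

# Constructed running-config fragment (not the poster's real config). Only the
# GuestWifi access-group line and the interface names/levels come from the thread.
SAMPLE_CONFIG = """\
interface Ethernet0/1
 nameif LAN
 security-level 99
!
interface Ethernet0/3
 nameif GuestWifi
 security-level 99
!
access-list LAN_access_in extended permit ip any any
access-list Old_rules remark placeholder, no entries yet
access-group LAN_access_in in interface LAN
access-group GuestWifi_access_in in interface GuestWifi
"""

# An ACL counts as defined only if it has at least one non-remark entry.
ACL_ENTRY = re.compile(r"^access-list[ \t]+(\S+)[ \t]+(?!remark\b)\S+", re.M)
# access-group <acl> {in|out} interface <nameif>   or   access-group <acl> global
ACL_BINDING = re.compile(
    r"^access-group[ \t]+(\S+)[ \t]+(?:(in|out)[ \t]+interface[ \t]+(\S+)|global)[ \t]*$",
    re.M)


def dangling_access_groups(config):
    """Return (acl, direction, interface) for bindings whose ACL has no entries."""
    defined = set(ACL_ENTRY.findall(config))
    findings = []
    for acl, direction, nameif in ACL_BINDING.findall(config):
        if acl not in defined:
            findings.append((acl, direction or "global", nameif or "(all)"))
    return findings


if __name__ == "__main__":
    for acl, direction, nameif in dangling_access_groups(SAMPLE_CONFIG):
        print(f"access-group references undefined access-list {acl!r} "
              f"({direction}, interface {nameif})")
```

An access list that contains only `remark` lines is reported as well, since it has no entries to match traffic against.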