01-21-2015 10:27 AM - edited 03-07-2019 10:19 PM
We have a Cisco ASA 5500. We use Charter internet and a static IP. We use it for VPN and firewall and obviously it is our main router. We have one at this location and one elsewhere. They have always functioned properly and we have not had any issues.
Our static IP address changed. The person who setup the network is no longer with us and the new guy plugged in the static IP where he thought it went and also the gateway information. He did not add any DNS information to my knowledge.
Since the change we are not able to get internet. That is the biggest issue.
I know that the information we have for the ISP is correct and that the modem is functioning properly. I also know that although our windows server is handling DNS it is not the issue. I know this because as a workaround to get my local network, I have taken a Netgear router that I am familiar with. I have plugged in our static IP address, primary and secondary DNS and our Gateway and our temporary network us up and running. It is apparent they simply did not plug it in in the correct places in the Cisco ASA.
The second part of the issue becomes, once that ASA is online, where do we change the info in the other 'master' ASA that it connects to.
01-21-2015 10:57 AM
Hi
Have you tried a ping from the ASA to the gateway? And if that works a ping from the ASA to somewhere on the internet?
The problem could do with NAT. It depends on how the ASA is configured.
Could you post the config of the ASA?
01-21-2015 11:19 AM
We can ping the ASA without any issues from the server or anywhere inside the network. The ASA however, is not able to connect to the internet.
01-21-2015 11:27 AM
But can you ping from the ASA to your next hop router to reach the internet?
01-21-2015 11:34 AM
Sorry, there is no router between the two. The ASA is our Router.
Basically you have the Charter Modem --> ASA --> GigibitSwitch (DUMB) --> Server and all terminals. At no point can we get to the internet, other than directly via the modem or an alternate router connected to the modem
01-21-2015 11:48 AM
Can you post you running-config of the ASA?
01-21-2015 11:55 AM
I should have grabbed that yesterday and I did not. At this point the only way to access it is via the Serial cable directly from the server and I have not done it that way. I had to put a different router in place temporarily and assign it the same IP address so I did not have to make any changes to the DNS server
The whole situation is just very odd. All we need to do is change the static IP address, default gateway and if applicable primary and secondary DNS. Personally I think they just put it in the wrong spot.
01-21-2015 12:01 PM
If it is a config error, its sounds like either the default route or NAT.
01-21-2015 12:03 PM
SInce I am not a Cisco guy and I need to pass this information onto the Network people that were doing this for us, can I ask where to access those two settings.
01-21-2015 10:38 PM
Everything is in the running-config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide