cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1251
Views
0
Helpful
11
Replies
Highlighted
Beginner

Cisco ASAv configuration

Hello everybody,

I'm a new one and I need some help how to configure my ASAv.

In my home lab I use Endian Firewall (virtual machine), it works well. Now I have an opportunity to test Cisco ASAv and I can't handle with it, I configured all interfaces which I needed, mgmt, inside and outside. Question is, how to connect Inside with Outside to access the Internet?

Like on the image I have one phisical router Linksys which is the main gateway to the Internet. I use ASDM 7.3, Cisco is configured in the routed mode.

11 REPLIES 11
Highlighted
Participant

Hi from the pc (172.16.1.2)

Hi

 

from the pc (172.16.1.2) can you ping 192.168.1.1? 

If so, add 

route outside 0.0.0.0 0.0.0.0 192.168.1.1 1

to the ASA config

 

 

 

Beginner

Hi,I can't ping from pc,

Hi,

I can't ping from pc, default gateway for pc is 172.16.1.1, 192.168.1.1 is the gateway for the Outside interface.

Highlighted
Participant

Ok, if there no filtering in

Ok, if there no filtering in this network, then the Linksys does not know of network 172.16.1.0

The ASA does know of 172.16.1.0 and 192.168.1.0

 

Can you also configure a route on the Linksys for this network?

ip route 172.16.1.0 255.255.255.0 192.168.1.20

 

(or whatever syntax the Linksys has)

 

Highlighted
Beginner

Linksys is a simple home

Linksys is a simple home router that is a gateway to the Internet, I thought that its IP address which is 192.168.1.1 should be input in ASAv configuration just I did in Endian Firewall where I input it as gateway.

Highlighted
Participant

Thats why i said to configure

Thats why i said to configure a static route on the ASA, pointing to 192.168.1.1 for the default route of 0.0.0.0 0.0.0.0

(route outside 0.0.0.0 0.0.0.0 192.168.1.1 1)

What did you have configured on the ASA then?

Highlighted
Beginner

I configured as you wrote and

I configured as you wrote and nothing more, I wanted only to exchange my Endian with Cisco. How can I check where my route from 172.16.1.1. to 192.168.1.1 is broken?

Highlighted
Participant

Could you do a traceroute

Could you do a traceroute from the pc to 192.168.1.1 and post the output? 

 

 

Highlighted
Beginner

pc doesn't see that address,

pc doesn't see that address, pc see only 172.16.1.1 which is its gateway

Highlighted
Participant

Could you post screenshots of

Could you post screenshots of the Linksys and the Asav with their ip and routing information of both devices?

 

And, if you ping from the ASAv to the pc, do you get replies?

Highlighted
Beginner

Hi,here are screenshots from

Hi,

I attached screenshots from Asav.

I didn't attach screenshot from linksys because I didn't change there anything, like on the image from first post with Endian configuration I put there as a gateway the IP of linksys and it worked.

I attached 2 more files, maybe they will be useful, it is a command ping from ASDM.

Highlighted
Participant

Hisorry for my late reply

Hi

sorry for my late reply here. 

I see that from the ASA you can ping an Internet address succesfully (from Interface Outside), so your default route is working ok on the ASA. . 

Can you now send a ping to 172.16.1.2 (select "Interface Inside" for this) and see if that works? 

CreatePlease to create content
Content for Community-Ad