cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1975
Views
0
Helpful
11
Replies

Cisco ASAv configuration

exsitezet1
Level 1
Level 1

Hello everybody,

I'm a new one and I need some help how to configure my ASAv.

In my home lab I use Endian Firewall (virtual machine), it works well. Now I have an opportunity to test Cisco ASAv and I can't handle with it, I configured all interfaces which I needed, mgmt, inside and outside. Question is, how to connect Inside with Outside to access the Internet?

Like on the image I have one phisical router Linksys which is the main gateway to the Internet. I use ASDM 7.3, Cisco is configured in the routed mode.

11 Replies 11

Ton V Engelen
Level 3
Level 3

Hi

 

from the pc (172.16.1.2) can you ping 192.168.1.1? 

If so, add 

route outside 0.0.0.0 0.0.0.0 192.168.1.1 1

to the ASA config

 

 

 

Hi,

I can't ping from pc, default gateway for pc is 172.16.1.1, 192.168.1.1 is the gateway for the Outside interface.

Ok, if there no filtering in this network, then the Linksys does not know of network 172.16.1.0

The ASA does know of 172.16.1.0 and 192.168.1.0

 

Can you also configure a route on the Linksys for this network?

ip route 172.16.1.0 255.255.255.0 192.168.1.20

 

(or whatever syntax the Linksys has)

 

Linksys is a simple home router that is a gateway to the Internet, I thought that its IP address which is 192.168.1.1 should be input in ASAv configuration just I did in Endian Firewall where I input it as gateway.

Thats why i said to configure a static route on the ASA, pointing to 192.168.1.1 for the default route of 0.0.0.0 0.0.0.0

(route outside 0.0.0.0 0.0.0.0 192.168.1.1 1)

What did you have configured on the ASA then?

I configured as you wrote and nothing more, I wanted only to exchange my Endian with Cisco. How can I check where my route from 172.16.1.1. to 192.168.1.1 is broken?

Could you do a traceroute from the pc to 192.168.1.1 and post the output? 

 

 

pc doesn't see that address, pc see only 172.16.1.1 which is its gateway

Could you post screenshots of the Linksys and the Asav with their ip and routing information of both devices?

 

And, if you ping from the ASAv to the pc, do you get replies?

Hi,

I attached screenshots from Asav.

I didn't attach screenshot from linksys because I didn't change there anything, like on the image from first post with Endian configuration I put there as a gateway the IP of linksys and it worked.

I attached 2 more files, maybe they will be useful, it is a command ping from ASDM.

Hi

sorry for my late reply here. 

I see that from the ASA you can ping an Internet address succesfully (from Interface Outside), so your default route is working ok on the ASA. . 

Can you now send a ping to 172.16.1.2 (select "Interface Inside" for this) and see if that works? 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco