11-10-2014 04:30 AM - edited 03-07-2019 09:26 PM
Hello everybody,
I'm a new one and I need some help how to configure my ASAv.
In my home lab I use Endian Firewall (virtual machine), it works well. Now I have an opportunity to test Cisco ASAv and I can't handle with it, I configured all interfaces which I needed, mgmt, inside and outside. Question is, how to connect Inside with Outside to access the Internet?
Like on the image I have one phisical router Linksys which is the main gateway to the Internet. I use ASDM 7.3, Cisco is configured in the routed mode.
11-10-2014 05:27 AM
Hi
from the pc (172.16.1.2) can you ping 192.168.1.1?
If so, add
route outside 0.0.0.0 0.0.0.0 192.168.1.1 1
to the ASA config
11-10-2014 05:49 AM
Hi,
I can't ping from pc, default gateway for pc is 172.16.1.1, 192.168.1.1 is the gateway for the Outside interface.
11-10-2014 05:59 AM
Ok, if there no filtering in this network, then the Linksys does not know of network 172.16.1.0
The ASA does know of 172.16.1.0 and 192.168.1.0
Can you also configure a route on the Linksys for this network?
ip route 172.16.1.0 255.255.255.0 192.168.1.20
(or whatever syntax the Linksys has)
11-10-2014 06:40 AM
Linksys is a simple home router that is a gateway to the Internet, I thought that its IP address which is 192.168.1.1 should be input in ASAv configuration just I did in Endian Firewall where I input it as gateway.
11-10-2014 07:00 AM
Thats why i said to configure a static route on the ASA, pointing to 192.168.1.1 for the default route of 0.0.0.0 0.0.0.0
(route outside 0.0.0.0 0.0.0.0 192.168.1.1 1)
What did you have configured on the ASA then?
11-10-2014 07:37 AM
I configured as you wrote and nothing more, I wanted only to exchange my Endian with Cisco. How can I check where my route from 172.16.1.1. to 192.168.1.1 is broken?
11-12-2014 04:47 AM
Could you do a traceroute from the pc to 192.168.1.1 and post the output?
11-12-2014 07:19 AM
pc doesn't see that address, pc see only 172.16.1.1 which is its gateway
11-13-2014 03:30 AM
Could you post screenshots of the Linksys and the Asav with their ip and routing information of both devices?
And, if you ping from the ASAv to the pc, do you get replies?
11-13-2014 01:39 PM
Hi,
I attached screenshots from Asav.
I didn't attach screenshot from linksys because I didn't change there anything, like on the image from first post with Endian configuration I put there as a gateway the IP of linksys and it worked.
I attached 2 more files, maybe they will be useful, it is a command ping from ASDM.
11-27-2014 05:48 AM
Hi
sorry for my late reply here.
I see that from the ASA you can ping an Internet address succesfully (from Interface Outside), so your default route is working ok on the ASA. .
Can you now send a ping to 172.16.1.2 (select "Interface Inside" for this) and see if that works?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide