Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1024
Views
20
Helpful
17
Replies

ASA 5506X -- VPN up but no access to internet

Go to solution
Nogie
Level 1
Level 1

‎09-26-2022 12:18 AM

Hi,

I am trying to configure my asa to give internet access to my "LOCAL_NETWORK" endpoints. The ASA can ping out to google but endpoints inside the "LOCAL_NETWORK" cannot get to the internet. Also enpoints in the "LOCAL_HOME_NETWORK" can get to the internet.

Please see the configuration and let me know what I am doing wrong. Any pointers will be much appreciated.

Thanks

Labels:
Preview file
6 KB
0 Helpful
17 Replies 17

Go to solution
MHM Cisco World
VIP
VIP
In response to Nogie

‎09-26-2022 07:52 AM

access-list IN-OUT extended permit ip object LOCAL_NETWORK object CENTOS.ORG <<- Yes but you have ACL to deny ping to 8.8.8.8 ?

0 Helpful

Go to solution
Nogie
Level 1
Level 1
In response to MHM Cisco World

‎09-26-2022 08:41 AM

I am not sure where the ACL to deny ping to 8.8.8.8 if I have one. Any pointers?

Go to solution
MHM Cisco World
VIP
VIP
In response to Nogie

‎09-26-2022 08:46 AM

access-group IN-OUT in interface inside

access-list IN-OUT extended permit ip object LOCAL_NETWORK object CENTOS.ORG
first add this line 

access-list IN-OUT extended permit ip object LOCAL-NETWORK host 8.8.8.8

we need to check that ACL which deny traffic 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents