ASA5505 no route inside to outside

Discussion in 'Cisco' started by only1j, May 5, 2011.

  1. only1j

    only1j

    Joined:
    May 5, 2011
    Messages:
    2
    I needed to set up a new vlan. I thought I did everything correctly, but evidently did not. I am unable to go outside from the new vlan. I get an ip, which comes from the internal dhcp server, the interface is up, link is up. I just cannot get out. Below is part of the config. Any help greatly appreciated!!!

    Result of the command: "sh run"

    : Saved
    :
    ASA Version 7.2(2)
    !
    hostname NA
    domain-name NA
    enable password 3AdZPyMAFzf9RNMm encrypted
    names
    !
    interface Vlan1
    nameif inside
    security-level 100
    ip address 10.50.1.1 255.255.255.0
    !
    interface Vlan2
    nameif outside
    security-level 0
    ip address xxx.xxx.xxx.xxx 255.255.255.248
    !
    interface Vlan12
    no forward interface Vlan1
    nameif new vlan
    security-level 100
    ip address 192.168.200.1 255.255.255.0
    !
    interface Ethernet0/0
    switchport access vlan 2
    !
    interface Ethernet0/1
    !
    interface Ethernet0/2
    !
    interface Ethernet0/3
    !
    interface Ethernet0/4
    switchport access vlan 12
    !
    interface Ethernet0/5
    !
    interface Ethernet0/6
    !
    interface Ethernet0/7
    !
    passwd 3AdZPyMAFzf9RNMm encrypted
    ftp mode passive
    dns server-group DefaultDNS
    domain-name NA
    pager lines 24
    logging enable
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu new vlan 1500
    ip local pool nana_POOL 10.50.1.40-10.50.1.50 mask 255.255.255.0
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-522.bin
    no asdm history enable
    arp timeout 14400
    global (outside) 1 interface
    nat (inside) 0 access-list inside_nat0_outbound
    nat (inside) 1 0.0.0.0 0.0.0.0
    nat (new vlan) 0 access-list new vlan_nat0_outbound
    access-group outside_access_in in interface outside
    route outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout uauth 0:05:00 absolute
    no eou allow clientless
    group-policy nana internal
    group-policy nana attributes
    dns-server value 4.2.2.2
    vpn-tunnel-protocol IPSec
    ipsec-udp enable
    split-tunnel-policy tunnelall
    split-tunnel-network-list value nana_splitTunnelAcl_1
    default-domain value NA
    nac-default-acl value nana
    client-firewall none
    webvpn
    url-list value nana
    group-lock value nana
    vpn-group-policy nana
    dhcpd enable new vlan
    !

    !
    class-map inspection_default
    match default-inspection-traffic
    !
    !
    policy-map type inspect dns preset_dns_map
    parameters
    message-length maximum 512
    policy-map global_policy
    class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect pptp
    !
    service-policy global_policy global
    webvpn
    url-list nana "nana" http://xxx.xxx.xxx.xxx 1
    prompt hostname context
    Cryptochecksum:32f07a8f9c1cc02bf1f03f736eb7c668
    : end
     
    only1j, May 5, 2011
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. AJ
    Replies:
    2
    Views:
    3,602
    Johnny Bravo
    Oct 31, 2003
  2. Dan Rice
    Replies:
    9
    Views:
    941
    Dan Rice
    Feb 4, 2005
  3. Yogz
    Replies:
    1
    Views:
    3,050
  4. Jack
    Replies:
    0
    Views:
    687
  5. ilan.berco@gmail.com
    Replies:
    9
    Views:
    5,202
    Scott Perry
    Aug 7, 2008
Loading...

Share This Page