Csico ASA 5505 not connecting to the Internet

Discussion in 'General Computer Support' started by Izoj, Dec 26, 2010.

  1. Izoj

    Izoj

    Joined:
    Dec 26, 2010
    Messages:
    1
    Hi,

    A small company has one public IP address for Internet access. Currently they are using a Cisco router 800 series; there is a local DNS machine with a private IP address with forwarder IP address pointing to the ISP's DNS box.

    Here is the simple basic ASA 5505 config:


    ASA Version 7.2(4)
    !
    hostname myhost
    domain-name example.com
    enable password ************ encrypted
    passwd *********** encrypted
    names
    name 192.168..u.p int_dns
    name h.i.j.q portal_out
    !
    interface Vlan1
    nameif inside
    security-level 100
    ip address 192.168.1.1 255.255.255.0
    !
    interface Vlan2
    nameif outside
    security-level 0
    ip address a.b.c.d 255.255.255.r
    !
    interface Vlan3
    shutdown
    nameif dmz
    security-level 50
    ip address dhcp
    !
    interface Ethernet0/0
    switchport access vlan 2
    !
    interface Ethernet0/1
    !
    interface Ethernet0/2
    !
    interface Ethernet0/3
    !
    interface Ethernet0/4
    !
    interface Ethernet0/5
    !
    interface Ethernet0/6
    !
    interface Ethernet0/7
    !
    ftp mode passive
    dns server-group DefaultDNS
    domain-name example.com
    same-security-traffic permit inter-interface
    same-security-traffic permit intra-interface
    !
    !Allow ping from inside to outside
    !
    access-list ACL_OUT extended permit icmp any any echo-reply
    access-list ACL_OUT extended permit icmp any any source-quench
    access-list ACL_OUT extended permit icmp any any unreachable
    access-list ACL_OUT extended permit icmp any any time-exceeded
    access-list ACL_OUT extended deny icmp any any
    !
    pager lines 24
    logging enable
    logging asdm informational
    mtu inside 1500
    mtu outside 1500
    mtu dmz 1500
    no failover
    monitor-interface inside
    monitor-interface outside
    monitor-interface dmz
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-524.bin
    no asdm history enable
    arp timeout 14400
    nat-control
    global (outside) 1 interface
    nat (inside) 1 0.0.0.0 0.0.0.0
    access-group ACL_OUT in interface outside
    route outside 0.0.0.0 0.0.0.0 x.y.z.k 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    http server enable
    http 192.168.1.0 255.255.255.0 inside
    http 192.168.1.g 255.255.255.255 inside
    no snmp-server location
    no snmp-server contact
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    !
    !Allow telnet and ssh within and to ASA and RTR
    !
    telnet 192.168.1.0 255.255.255.0 inside
    telnet x.y.w.k 255.255.255.255 inside
    telnet a.b.c.d 255.255.255.255 inside
    telnet timeout 5
    ssh 192.168.1.0 255.255.255.0 inside
    ssh timeout 5
    console timeout 0
    dhcpd auto_config outside
    !
    dhcpd address 192.168.1.2-192.168.1.254 inside
    dhcpd enable inside
    !

    !
    !
    prompt hostname context
    auto-update server Cryptochecksum:YYYYYYYYYYYYYYYYYYYXXXXXXXXXXXXXX
    : end
    asdm image disk0:/asdm-524.bin
    no asdm history enable


    Result: cant browse the net!!!

    Where did i go wrong? Any advice - appreciated

    I
     
    Izoj, Dec 26, 2010
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. xxnonexspamxnonexx@tampascanner.info

    Csico 804 ISDN-6-NO_TIMER Errors

    xxnonexspamxnonexx@tampascanner.info, Feb 19, 2006, in forum: Cisco
    Replies:
    1
    Views:
    749
  2. ITCOM

    Csico 1721 Setup

    ITCOM, Mar 22, 2007, in forum: Cisco
    Replies:
    0
    Views:
    371
    ITCOM
    Mar 22, 2007
  3. bjorn@kumlait.se
    Replies:
    1
    Views:
    3,451
    bjorn@kumlait.se
    Jun 17, 2007
  4. Dogg Child

    Re: ASA 5505 behind ASA 5505

    Dogg Child, Jun 7, 2010, in forum: Cisco
    Replies:
    0
    Views:
    728
    Dogg Child
    Jun 7, 2010
  5. Dogg Child

    ASA 5550 behind ASA 5505

    Dogg Child, Jun 7, 2010, in forum: Cisco
    Replies:
    4
    Views:
    1,136
    Morph
    Jun 8, 2010
Loading...

Share This Page