How do I set up default gateway on routers outside interface

Pwcjayhawk1 · ‎04-26-2007

I am setting up a new CISCO ASA 5505 to perform NAT, but when I specify the static IP on the outside interface, it only allows me to put in the static IP and the mask. There is no option for putting in the defualt gateway and DNS servers that the ISP provides. I get no internet connectivity this way. How do I input a default gateway so that my private network can get out to the Internet?

Jon Marshall · ‎04-26-2007

Hi

Try

route outside 0.0.0.0 0.0.0.0 "next hop"

where "next hop" is the inside interface of the ISP router or your router if you manage that as well as the firewall.

HTH

Jon

Pwcjayhawk1 · ‎04-26-2007

This didn't work. I am actually using this appliance as the gateway for this office. The DSL connection is coming straight into the outside interface of this device, and the device will then in turn provide NAT for the internal network. I entered the command "route outside 0.0.0.0 0.0.0.0 24.124.37.126 (ISP's default gateway)", but could still not get out to the Internet. Any other suggestions?

Jon Marshall · ‎04-26-2007

Hi

This is the command to set the default gateway on an ASA device so there must be some other problem with connectivity.

Can you ping the ISP gateway address ?

Is your ASA external IP address in the same subnet as the ISP ip address ?

How are you testing connectivity, from a client, from the ASA itself ?

Jon

Pwcjayhawk1 · ‎04-30-2007

Ya, the subnet for the ISP gateway is 255.255.255.224, and that's what I'm putting into the ASA. I am attempting to ping the gateway from the ASA tools menu, but getting no response. It's wierd. I put in the static route of 0.0.0.0 0.0.0.0 24.124.37.124.

Anand Narayana · ‎04-30-2007

what i have understood about your network connectivity is....

(WAN interface)DSL Router(LAN Interface) ----> (outside interface)Cisco ASA(inside internface) -----> LAN switch

if this is the case, then the command as follows in Cisco ASA

route outside 0.0.0.0 0.0.0.0 x.x.x.x

where x.x.x.x is the DSL Router's LAN interface IP address.

once this is done, then try pinging the DSL Router's LAN interface IP address from Cisco ASA.

rate this post if your satisfied.

Jon Marshall · ‎04-30-2007

Hi

Have you allowed icmp to the outside interface ie. in the ASA config

icmp permit any outside

Note:- instead of any you could tie it down to the ISP next hop.

Jon

Pwcjayhawk1 · ‎04-30-2007

Problem solved. What I was doing is routing outside to the gateway address my ISP gave me to set on my old Linksys wireless router. What I did was run a traceroute from one of the PC's while connected to that old router and then wrote down the first hop after the Linksys inside interface address. This hop address is different than the gateway address my ISP gave me (which is wierd). I then switched over to the ASA device and set an outside route to that first hop address. I can now get outside to the Internet from behind the ASA device.