06-20-2007 05:22 AM - edited 03-05-2019 04:51 PM
This is my first encounter with a Cisco product so be nice please ;)
I have the Base License for my 5505 and have currently 3 VLANs (outside, inside and guest). The inside VLAN is working as expected but I can't get my guest VLAN to access the Internet. The Packet Tracer in ADSM tells me that packets can flow from the guest VLAN to the Internet but it does not work in practice.
Can any kind soul take a peek @ my config and give me any clues?
Thanks in advance!
Solved! Go to Solution.
06-20-2007 05:32 AM
Where are the dns servers?
06-20-2007 05:25 AM
Try...
nat (guest) 1 0.0.0.0 0.0.0.0
Please rate if it helps.
06-20-2007 05:31 AM
Perfect! Now it's possible to browse the web by IP. DNS-resolution gets stuck in the ASA though so browsing to www.cisco.com fails. Any hints on that?
06-20-2007 05:32 AM
Where are the dns servers?
06-20-2007 05:39 AM
Never mind! A write mem command did the trick. Works like a charm now.
If anyone has the time:
Is a guest VLAN restricted from the inside VLAN considered a secure configuration? I mean, these networks are physically connected to each other. I guess there are ways to compromise the ASA and get access to the inside from my guest VLAN?
I have other public IP:s and could put the guests on another router as:
Internet
|
|
Switch--------ASA 5505------Inside network
|
|
Other FW-------Guest network
All suggestions are most welcome!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide