5505 routing problem

Unanswered Question
Oct 12th, 2007
User Badges:

Hi Folks,


Newbie here. Searched the forum and can't find an answer.


Situation, a 5505 between the inside network (192.168.130.x) and the "outside" network (192.168.135.x) - they are LAN's that have their own IPs, the outside network consists of wireless equipment so we only want to let port 80 through so they can connect to an internal web server to deliver content to the wireless PDAs on the outside.


(In an ideal world, we'd also like to set up a NAT on the outside interface so that none of the wireless traffic gives away any of the internal IP addresses in the chatter.)


We've managed to get it so that anything on the inside interface works fine and a response comes from the wireless devices ... however, nothing on the outside can initiate a conversation with anything on the inside. The outside interface on the 5505 won't even respond to ping, even after defining any-any rules on everything.


The router has a "basic" licence, and I am wondering if there is a restriction. The manual says...


Base Platform

Transparent Mode - Up to two active VLANs

Routed Mode - Up to three active VLAN's. The DMZ VLAN is restricted from initiating traffic to the inside VLAN.


So ... is this the case please, and if so, how do I switch the router in to transparent mode? Or how do I configure the router to do what is needed as outlined above, please? - or are we going to have to get a higher licence?


Any assistance greatly appreciated.


Michelle Knight

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
owillins Thu, 10/18/2007 - 07:41
User Badges:
  • Silver, 250 points or more

Before you begin configuring the adaptive security appliance to accept remote access IPsec VPN connections, make sure that you have the following information available:

Range of IP addresses to be used in an IP pool. These addresses are assigned to remote VPN clients as they are successfully connected.


List of users to be used in creating a local authentication database, unless you are using a AAA server for authentication.

Networking information to be used by remote clients when connecting to the VPN, including the following:

IP addresses for the primary and secondary DNS servers

IP addresses for the primary and secondary WINS servers

Default domain name

List of IP addresses for local hosts, groups, and networks that should be made accessible to authenticated remote clients

and also Upload the detail toplolgy, paste sh run and sh ver config.


msknight5 Thu, 10/18/2007 - 07:54
User Badges:

Dear Owillins,


Thank you for responding. I have to admit that after no response for a while, I turned to a few other people and got the issue sorted. It turned out to be PAT upsetting various things that were happening.


Apologies for not updating the thread but I thought that with this amount of time, it had sunk without trace.


Thanks once again for taking the time to respond.


Michelle.

Actions

This Discussion