Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
265
Views
0
Helpful
2
Replies

5505 routing problem

msknight5
Level 1
Level 1

‎10-12-2007 05:27 AM - edited ‎03-05-2019 07:03 PM

Hi Folks,

Newbie here. Searched the forum and can't find an answer.

Situation, a 5505 between the inside network (192.168.130.x) and the "outside" network (192.168.135.x) - they are LAN's that have their own IPs, the outside network consists of wireless equipment so we only want to let port 80 through so they can connect to an internal web server to deliver content to the wireless PDAs on the outside.

(In an ideal world, we'd also like to set up a NAT on the outside interface so that none of the wireless traffic gives away any of the internal IP addresses in the chatter.)

We've managed to get it so that anything on the inside interface works fine and a response comes from the wireless devices ... however, nothing on the outside can initiate a conversation with anything on the inside. The outside interface on the 5505 won't even respond to ping, even after defining any-any rules on everything.

The router has a "basic" licence, and I am wondering if there is a restriction. The manual says...

Base Platform

Transparent Mode - Up to two active VLANs

Routed Mode - Up to three active VLAN's. The DMZ VLAN is restricted from initiating traffic to the inside VLAN.

So ... is this the case please, and if so, how do I switch the router in to transparent mode? Or how do I configure the router to do what is needed as outlined above, please? - or are we going to have to get a higher licence?

Any assistance greatly appreciated.

Michelle Knight

Labels:
0 Helpful
2 Replies 2

owillins
Level 6
Level 6

‎10-18-2007 07:41 AM

Before you begin configuring the adaptive security appliance to accept remote access IPsec VPN connections, make sure that you have the following information available:

Range of IP addresses to be used in an IP pool. These addresses are assigned to remote VPN clients as they are successfully connected.

List of users to be used in creating a local authentication database, unless you are using a AAA server for authentication.

Networking information to be used by remote clients when connecting to the VPN, including the following:

IP addresses for the primary and secondary DNS servers

IP addresses for the primary and secondary WINS servers

Default domain name

List of IP addresses for local hosts, groups, and networks that should be made accessible to authenticated remote clients

and also Upload the detail toplolgy, paste sh run and sh ver config.

0 Helpful

msknight5
Level 1
Level 1
In response to owillins

‎10-18-2007 07:54 AM

Dear Owillins,

Thank you for responding. I have to admit that after no response for a while, I turned to a few other people and got the issue sorted. It turned out to be PAT upsetting various things that were happening.

Apologies for not updating the thread but I thought that with this amount of time, it had sunk without trace.

Thanks once again for taking the time to respond.

Michelle.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card