5510 Internal to External Communication problems

Unanswered Question
Dec 17th, 2007
User Badges:

Hi all. I'm working on setting up a small companies network, and my main background is Enterprise MCSE type activities so you'll have to excuse my easy questions.


I've configured a 5510 about 5 times now using the GUI and each time has resulted with the same problem.


My inside and outside interfaces don't communicate. Outside is good to Verizon, and inside is good to the LAN, but no cross talk.


I read this thread, http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Security&topic=Firewalling&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cbeded2


I don't have access to my show run remotely yet, but it sounds like that may fix my issues as well?


Does this sound right?


v/r

Jim

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
acomiskey Mon, 12/17/2007 - 10:04
User Badges:
  • Green, 3000 points or more

Definitely need to see the config.

jamesk1792 Mon, 12/17/2007 - 10:17
User Badges:

I won't have access to it until tomorrow.


I'm under the impression that I need some type of route between the two. I was suprised that it wasn't configured by default.


Is there anything I should look for in my config offhand that enables the two interfaces to communicate? I'm just trying to go in tomorrow with more information than I left with yesterday.


ie:


static (Internal,External) 64.179.10.29 192.168.0.x netmask 255.255.255.255

static (Internal,External) 64.179.10.32 192.168.0.x netmask 255.255.255.255


Thanks again, I'll work on getting the config.

acomiskey Mon, 12/17/2007 - 10:27
User Badges:
  • Green, 3000 points or more

So inside hosts cannot access the internet?

jamesk1792 Mon, 12/17/2007 - 10:33
User Badges:

Correct.


-Everything inside can ping my "inside" interface, and my "inside" can ping servers on the lan.

-I can ping the external DNS servers and such at verizon from my "Outside" interface in the gui.

-I can't ping the "inside" interface from the "outside" interface from the gui, and vice versus.


External is 65.213.212.130 which pings out fine.

Internal is 192.168.7.1


No cross communication.

acomiskey Mon, 12/17/2007 - 10:37
User Badges:
  • Green, 3000 points or more

Shouldn't need much more than..


global (outside) 1 interface

nat (inside) 1 0 0

jamesk1792 Mon, 12/17/2007 - 10:49
User Badges:

Thanks. That should be easy enough.


Is this something you always have to go into the command line to enter?


I did the wizard from scratch a good 5 times and I would have thought that it would route the outside 0/0 to port 0/1 that I am running my internal off of.


Thank you very much for your time.

Actions

This Discussion