ASA site-to-site VPN

batumibatumi
Level 1

Hi all,

Friends, I configured a site-to-site VPN between ASAs: one side is a 5505 and the other a 5510. The VPN is active and works OK, but inside hosts on the 5505 cannot access the internet and cannot ping either the outside interface IP or public outside IPs. The static route outside is correctly configured, and ICMP is permitted (icmp permit any inside, icmp permit any outside).

Any advice ... ???

Need your help ... :)))

6 Replies

dongdongliu
Level 1

Hi,

It seems like all of the traffic has been "VPN".

Please check that the ACL for interesting traffic is not "any any".

Regards

On the 5505 side, the inside interface ACL is permit (source any, destination any less secure networks),

and the outside interface ACL is deny (source any, destination any), the implicit rule ...

I am configuring it with ASDM ... :)

Why can't I ping my ASA's outside interface IP? I configured ICMP with "permit any inside, icmp permit any outside" .... ?

I think that I have to open (with an ACL) the IP, TCP, and UDP protocols from inside to outside, to have access to the internet and ping...

Am I right ... ?

P.S. It's my first time practising with an ASA... and that's why I look so lame...

Please, I need your advice ... :)))

Great thanks in advance :)))

Regards

Any idea ???

Please check that you only permit VPN traffic for no-NAT. If you have any any in the access-list, all your traffic is going without NAT. Please modify the access-list to allow only VPN traffic for nonat and all the rest for NAT so that you can browse the internet.

You can't ping the outside interface of the firewall from inside. Do the ICMP inspect in the policy map

and define inspect icmp here.

(NAT config) It exempts (NAT) source - inside network 10.7.7.0/24, destination network 10.1.1.0/24. It means that only VPN connection traffic is permitted for NAT. I'm going to configure PAT for inside hosts on the outside interface, to have access to public resources (is this the right solution ???). Besides the NAT, should I configure an ACL to permit the IP protocol (so inside hosts have access to the outside) ... ?

P.S. I'm configuring the ASA firewalls with ASDM.

wasiimcisco,

It was very kind of you... Thank you.

Regards, Batumi3

Sorry for my poor English.... What I wrote is not pretty clear for you ... ?!

Hope somebody will reply to me :)))
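
An added example, not part of any post in this thread: a small Python check for the point raised in the replies, that an ACL used for NAT exemption or VPN interesting traffic must not be "any any", and that a PAT rule must exist for the remaining traffic. It assumes pre-8.3 ASA syntax (`nat (inside) 0 access-list ...`), which the thread does not state; the ACL and crypto map names and both sample configs are constructed.

```python
import re

# Constructed samples: pre-8.3 ASA syntax is an assumption; NONAT, VPN and
# OUTSIDE_MAP are made-up names. Networks are the ones quoted in the thread.
BROKEN = """\
access-list NONAT extended permit ip any any
access-list VPN extended permit ip 10.7.7.0 255.255.255.0 10.1.1.0 255.255.255.0
nat (inside) 0 access-list NONAT
crypto map OUTSIDE_MAP 10 match address VPN
"""
FIXED = """\
access-list NONAT extended permit ip 10.7.7.0 255.255.255.0 10.1.1.0 255.255.255.0
access-list VPN extended permit ip 10.7.7.0 255.255.255.0 10.1.1.0 255.255.255.0
nat (inside) 0 access-list NONAT
nat (inside) 1 0.0.0.0 0.0.0.0
global (outside) 1 interface
crypto map OUTSIDE_MAP 10 match address VPN
"""

def acl_roles(config):
    """Map each ACL name to the roles it plays (NAT exemption, crypto map)."""
    roles = {}
    for line in config.splitlines():
        m = re.match(r"\s*nat \(\S+\) 0 access-list (\S+)", line)
        if m:
            roles.setdefault(m.group(1), set()).add("nat-exempt")
        m = re.match(r"\s*crypto map \S+ \d+ match address (\S+)", line)
        if m:
            roles.setdefault(m.group(1), set()).add("vpn-interesting")
    return roles

def any_any_findings(config):
    """Return (role, acl) for every 'permit ip any any' in a NAT/VPN ACL."""
    roles, out = acl_roles(config), []
    for line in config.splitlines():
        m = re.match(r"\s*access-list (\S+) extended permit ip any any\b", line)
        if m and m.group(1) in roles:
            out += [(r, m.group(1)) for r in sorted(roles[m.group(1)])]
    return out

def has_dynamic_pat(config):
    """True if some nat id > 0 has a matching global statement (PAT/NAT pool)."""
    nat_ids = set(re.findall(r"^\s*nat \(\S+\) ([1-9]\d*) ", config, re.M))
    global_ids = set(re.findall(r"^\s*global \(\S+\) ([1-9]\d*) ", config, re.M))
    return bool(nat_ids & global_ids)

if __name__ == "__main__":
    for name, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(name, any_any_findings(cfg), "PAT:", has_dynamic_pat(cfg))
```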
