Hi.. We are having real problems trying to get NAT to work on our ASA. I have 2 problems.

1. With the below config I cannot ping out to an internet address of though I can browse the internet?

2. I cannot reach port 25 or any other Port. They are allow though my acl's.. is there something wrong with the way I have set up NAT??

hostname ciscoasa

domain-name default.domain.invalid

enable password AHg/jZkGOJYyOC6O encrypted

names

name 192.168.1.4 fixitserv1

!

interface Vlan1

nameif inside

security-level 100

ip address 192.168.1.254 255.255.255.0

!

interface Vlan2

nameif outside

security-level 0

pppoe client vpdn group 1

ip address pppoe setroute

!

interface Ethernet0/0

switchport access vlan 2

!

interface Ethernet0/1

!

interface Ethernet0/2

!

interface Ethernet0/3

!

interface Ethernet0/4

!

interface Ethernet0/5

!

interface Ethernet0/6

!

interface Ethernet0/7

!

passwd 2KFQnbNIdI.2KYOU encrypted

ftp mode passive

dns server-group DefaultDNS

domain-name default.domain.invalid

icmp-object echo

access-list ACLOUTSIDE extended permit tcp any host fixitserv1 eq smtp

access-list ACLOUTSIDE extended permit tcp any host fixitserv1 eq https

access-list ACLOUTSIDE extended permit tcp any host fixitserv1 eq ftp

access-list ACLOUTSIDE extended permit tcp any host fixitserv1 eq ftp-data

access-list ACLOUTSIDE extended permit tcp any host fixitserv1 eq www

access-list ACLOUTSIDE extended permit gre any any

access-list ACLOUTSIDE extended permit icmp any any echo-reply

access-list ACLOUTSIDE extended permit icmp any any echo

pager lines 24

logging enable

logging asdm informational

mtu inside 1500

mtu outside 1500

icmp unreachable rate-limit 1 burst-size 1

asdm image disk0:/asdm-522.bin

no asdm history enable

arp timeout 14400

nat-control

global (outside) 1 interface

nat (inside) 1 0.0.0.0 0.0.0.0

static (inside,outside) 203.222.69.26 fixitserv1 netmask 255.255.255.255

access-group ACLOUTSIDE in interface outside

route outside 0.0.0.0 0.0.0.0 203.222.69.26 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout uauth 0:05:00 absolute

http server enable

http 192.168.1.0 255.255.255.0 inside

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

telnet timeout 5

ssh timeout 5

console timeout 0

vpdn group 1 request dialout pppoe

vpdn group 1 localname fixit-it2@connexus.net.au

vpdn group 1 ppp authentication chap

vpdn username fixit-it2.connexus.net.au password ********* store-local

vpdn username fixit-it2@connexus.net.au password *********

dhcpd auto_config outside

!

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

message-length maximum 512

policy-map global_policy

class inspection_default

inspect dns preset_dns_map

inspect ftp

inspect h323 h225

inspect h323 ras

inspect rsh

inspect rtsp

inspect esmtp

inspect sqlnet

inspect skinny

inspect sunrpc

inspect xdmcp

inspect sip

inspect netbios

inspect tftp

!

service-policy global_policy global

prompt hostname context

Cryptochecksum:a5bec26d26a65c047c5106b595fc949c

: end