Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
181
Views
0
Helpful
2
Replies

vms unable to access internet via ASA 5505

mail.joegaffney
Level 1
Level 1

‎11-05-2016 11:07 AM - edited ‎03-12-2019 01:29 AM

hi, hoping you can help....

I have an ESXI host attached directly to an ASA 5505 (running dhcp) but vms setup with static ips on the ESXI are unable to access the internet...

Spent a lot of time trying to get this working and attached the current config hoping it might help.

many thanks

 

 

Labels:
Preview file
20 KB
0 Helpful
2 Replies 2

Pablo
Cisco Employee
Cisco Employee

‎11-06-2016 01:49 PM

Joe,
The main problem I see in your configuration is that you defined all your NAT entries as (any,any). This might lead to a lot of issues, specially considering that you also have SSL and L2L VPNs.
For example this NAT is your first defined entry but it makes no sense at all:
nat (any,any) source static any any
Reconfigure your NAT entries and if you still have issues please copy the result of a packet tracer simulating traffic from the 192.168.1.0/24 network.
HTH
Pablo
0 Helpful

mail.joegaffney
Level 1
Level 1
In response to Pablo

‎11-06-2016 03:43 PM

thanks Pablo,

1: 11:18:59.168219 802.1Q vlan#1 P0 192.168.1.8.80 > 8.8.8.8.80: S 1473 ^ ^168247:1473168247(0) win 8192

packet tracer seems to show there is packets getting through?

Preview file
80 KB
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card