if I did not want any traffic going out to the internet, do I need to NAT anything?
Ans - No.. you dont need to.. If the traffic is not going to hit the inside interface of the PIX, and traverse through it to outside or any other interface, you dont need to NAT the traffic, since the PIX is not doing anything with that traffic....
2)what acl's and rule sets would I need?
Ans - Are you setting up a remote access VPN ? if so, you dont need to setup any rules on the outside or inside.. if there are any ACL's on the inside already, then you need to modify it accordingly... once you get an ip address from the pool, try to ping to any of the devices on the inside network.. if the ip pool is from a different subnet, then you gotta do some nat 0's...
3) internet issue:
Is the DSL router connecting directly to the ASA ? Have you configured the ASA for PPPoE or is the DSL modem working in bridge mode ? Is 126.96.36.199 the IP address given by the ISP through DSL ? if so, you can use the commands
nat (inside) 1 172.16.4.0 255.255.255.0
global (outside) 1 interface
give a show xlate and see if you getting any translations.. Also check if the ISP gives you any default gateway when connecting on DSL on the ASA... if there is no default gateways given, internet might not work !!!
Hope this helps.. all the best.. rate replies if found useful..
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :