We have purchased a 5510 to use with our commerical network. We want to allow the inside Internet access through the outside but with no luck so far (None of us are experienced enough with cisco firewalls). The inside is connected to a cisco 500 switch and the outside is connected to the ISP cable modem. Any help will be greatly appreciate.
do agree with Aleksey , did you remove route outside 0 0 x.x.42.1 1 1?,when interface is configured as dhcp setroute asa outside interface will get IP from ISP as well as get a default route injected into ASA, do not need that statement as default route is provided dynamically.
when you remove the above make sure you are getting a default route,issue show route | inc 0.0.0.0 and verify you have a gateway of last resort, then try pinging by using IP address from inside to outside like this ip 184.108.40.206 http://www.yahoo.com.
What type of dns are you using,are inside clients using internal DNS?, or are you using dns given by ISP dynamically, if it is provided dynamically you may need to add in global config mode dhcpd auto_config outside but if using internal dns then this does not applies but please check.
When I ping from inside to outside, I do not see anything in the asdm live log
nside hosts are not geting nated.
Make sure :
Inside client you are testing from is using correct default gateway of 10.0.0.3 if your inside client is under 10.0.0.0/24 Ip scheme, check tcpip settings correct mask, dns info
If all of above check to be fine and still no joy replace these two statements.
I am finally able to ping the outside from a inside system, but I cannot get a inside system to browse the Internet. I also cannot ping the outside interface address. Not sure this is normal. The inside systems will use an internal DNS, once the server has been properly set. I have been working the Internet access first.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :