hello for best fourms and all members i bought cisco asa 5540 i have cisco router 2811 with static ip XX.xx.XX.x/30 and make nat to conected to internet pat nat and have XX.xx.XX.x/29 for exchange server
lan ---- asa---router ---internet
i want to confiure asa behind router i mean leave all configure on cisco router when i make out side and inside lan all is ok but all pc conected on inside interface of asa 5540 cannot access to internet and also cannot ping from pc ip on interface outside i permet icmp in servise poilcy and incpection icmp but i mean no conection not ping only can any one help me in this
i configured cisco asa 5540
and i can ping 18.104.22.168
and replay me
but i cannot access to internet from pc conected to lan
and i can ping interface router conected by asa ip 192.168.193.2 but i cannot ping interfce asa 192.168.193.3
this my configuration
ip address 192.168.193.3 255.255.255.0
ip add 192.168.191.1 255.255.255.0
nat (inside) 1 192.168.191.1 255.255.255.0
global (outside) 1 interface
fixup protocol dns maximum-length 512 fixup protocol ftp 21
Seems your ASAs outside interface IP address is from private IP address range.
This needs to be public IP address range also as the hosts behind the ASA will use the interface IP address to connect to Internet and the current IP address isnt routable in Internet as its a private address.
You must either have 2 public IP address ranges.
One between ISP and your router
One between the Router and ASA
Or you would have to do NAT on the router before the traffic goes to public network.
I'm not sure if I understood the setup correctly
Also seems strange that your configuration includes "fixups" configurations lines. To my understanding those are only for series 6.x software and any ASA would already come with a minimum of series 7.x software.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :