Unable to ping (or connect) across network through Router/ASA
I've built a lab in gns3, one router and one ASA, the ASA has an inside, DMZ (with a small network behind it with just 1 server up and running at present) and an outside interface whilst the router has 3 interfaces on 3 subnets that connect a PC in each of the subnets using VMWare.
Basically, what I am trying to achieve is be able to connect through a pc in say the HR subnet through to the webserver in the DMZ, the webserver is LAMP, which is a pre-built VMWare appliance that runs webservices and it's mainly to just test.
I'm obviously missing out somethign simple as I can see it trying to connect through the ASDM log messages. I have changed the firewall rules to reflect this but still no avail.
I would appreciate some assistance if someone could spare 5 mins, I would really appreciate it.
Your R1 config is incomplete, so I'm basing this entirely on the ASA config. I would remove the global_access ACL and change the inside_access_in ACL to permit ip any any. Also make sure that the webserver has a default gateway of 192.168.70.10.
Make sure that R1 has the necessary routes to get to 192.168.100.0/24 subnet.
Also keep in mind that I've seen strange behavior with the ASA in GNS3. It sometimes won't pass traffic like it's supposed to.
Thanks for the reply Mike, I had put static routes from R1 pointing to the ASA and to the correct subnet...I will update the config later, but I am getting deny messages from the ASA basically saying it cannot see the route, as if it's trying to go out the outside interface...I believe it is something that I am doing wrong rather than GNS3.
I will try your suggestion tonight as I did notice last night that GNS3 wouldn't let me launch ASDM until the ASA was reloaded.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...