Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

jsd
New Member

ASA 5505: Guest VLAN Internet access

This is my first encounter with a Cisco product so be nice please ;)

I have the Base License for my 5505 and have currently 3 VLANs (outside, inside and guest). The inside VLAN is working as expected but I can't get my guest VLAN to access the Internet. The Packet Tracer in ADSM tells me that packets can flow from the guest VLAN to the Internet but it does not work in practice.

Can any kind soul take a peek @ my config and give me any clues?

Thanks in advance!

1 ACCEPTED SOLUTION

Accepted Solutions
Green

Re: ASA 5505: Guest VLAN Internet access

Where are the dns servers?

4 REPLIES
Green

Re: ASA 5505: Guest VLAN Internet access

Try...

nat (guest) 1 0.0.0.0 0.0.0.0

Please rate if it helps.

jsd
New Member

Re: ASA 5505: Guest VLAN Internet access

Perfect! Now it's possible to browse the web by IP. DNS-resolution gets stuck in the ASA though so browsing to www.cisco.com fails. Any hints on that?

Green

Re: ASA 5505: Guest VLAN Internet access

Where are the dns servers?

jsd
New Member

Re: ASA 5505: Guest VLAN Internet access

Never mind! A write mem command did the trick. Works like a charm now.

If anyone has the time:

Is a guest VLAN restricted from the inside VLAN considered a secure configuration? I mean, these networks are physically connected to each other. I guess there are ways to compromise the ASA and get access to the inside from my guest VLAN?

I have other public IP:s and could put the guests on another router as:

Internet

|

|

Switch--------ASA 5505------Inside network

|

|

Other FW-------Guest network

All suggestions are most welcome!

1151
Views
5
Helpful
4
Replies