ASA 5505 being used as a router only - allow everything

ellisteph12 · ‎12-02-2013

Hi,

I urgently need to set up a spare ASA 5505 we have as a direct router between our external internet connection and our internal private network.

10.x.x.x Network -> Default Gateway ASA 10.x.x.3 -> 'outside' network 82.x.x.x

I have set as many Allow rules as I can but still cannot get anything from a 10.x.x.x system out onto the internet.

is there a way of just having the 5505 act as a simple router and allow everything back and forth?

Thanks,

E

Jon Marshall · ‎12-02-2013

Ellis

Do you want to allow connections to be initiated only from inside (the return traffic will be allowed by default). Or do you need to allow external connections to be initiated to the 10.x.x.x network. By initiated i mean who starts the actual connection.

What version of ASA code are you using ?

Do you have a default route pointing to the ISP router ?

Jon

cadet alain · ‎12-03-2013

Hi,

You may need to NAT your internal network on the ASA if your current modem/router doesn't accept to NAT non directly connected subnets.If it accepts you'll need a static route on this modem/router for the 10 network pointing towards ASA.

Provide us the ASA version you've got because the NAT config has changed beginning from 8.3

Regards

Alain

Don't forget to rate helpful posts.

ellisteph12 · ‎12-03-2013

Thankyou for the help. I got around the issue by entering

route outside 0.0.0.0 0.0.0.0 1

access-list outside_access_in permit icmp any any

access-group outside_access_in in interface outside

All working fine now.