12-02-2013 10:59 AM - edited 03-07-2019 04:53 PM
Hi,
I urgently need to set up a spare ASA 5505 we have as a direct router between our external internet connection and our internal private network.
10.x.x.x Network -> Default Gateway ASA 10.x.x.3 -> 'outside' network 82.x.x.x
I have set as many Allow rules as I can but still cannot get anything from a 10.x.x.x system out onto the internet.
is there a way of just having the 5505 act as a simple router and allow everything back and forth?
Thanks,
E
12-02-2013 03:56 PM
Ellis
Do you want to allow connections to be initiated only from inside (the return traffic will be allowed by default). Or do you need to allow external connections to be initiated to the 10.x.x.x network. By initiated i mean who starts the actual connection.
What version of ASA code are you using ?
Do you have a default route pointing to the ISP router ?
Jon
12-03-2013 02:38 AM
Hi,
You may need to NAT your internal network on the ASA if your current modem/router doesn't accept to NAT non directly connected subnets.If it accepts you'll need a static route on this modem/router for the 10 network pointing towards ASA.
Provide us the ASA version you've got because the NAT config has changed beginning from 8.3
Regards
Alain
Don't forget to rate helpful posts.
12-03-2013 02:45 AM
Thankyou for the help. I got around the issue by entering
route outside 0.0.0.0 0.0.0.0
access-list outside_access_in permit icmp any any
access-group outside_access_in in interface outside
All working fine now.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: