I'm a new one and I need some help how to configure my ASAv.
In my home lab I use Endian Firewall (virtual machine), it works well. Now I have an opportunity to test Cisco ASAv and I can't handle with it, I configured all interfaces which I needed, mgmt, inside and outside. Question is, how to connect Inside with Outside to access the Internet?
Like on the image I have one phisical router Linksys which is the main gateway to the Internet. I use ASDM 7.3, Cisco is configured in the routed mode.
Ok, if there no filtering in this network, then the Linksys does not know of network 172.16.1.0
The ASA does know of 172.16.1.0 and 192.168.1.0
Can you also configure a route on the Linksys for this network?
ip route 172.16.1.0 255.255.255.0 192.168.1.20
(or whatever syntax the Linksys has)
Linksys is a simple home router that is a gateway to the Internet, I thought that its IP address which is 192.168.1.1 should be input in ASAv configuration just I did in Endian Firewall where I input it as gateway.
Thats why i said to configure a static route on the ASA, pointing to 192.168.1.1 for the default route of 0.0.0.0 0.0.0.0
(route outside 0.0.0.0 0.0.0.0 192.168.1.1 1)
What did you have configured on the ASA then?
I configured as you wrote and nothing more, I wanted only to exchange my Endian with Cisco. How can I check where my route from 172.16.1.1. to 192.168.1.1 is broken?
Could you post screenshots of the Linksys and the Asav with their ip and routing information of both devices?
And, if you ping from the ASAv to the pc, do you get replies?
I attached screenshots from Asav.
I didn't attach screenshot from linksys because I didn't change there anything, like on the image from first post with Endian configuration I put there as a gateway the IP of linksys and it worked.
I attached 2 more files, maybe they will be useful, it is a command ping from ASDM.
sorry for my late reply here.
I see that from the ASA you can ping an Internet address succesfully (from Interface Outside), so your default route is working ok on the ASA. .
Can you now send a ping to 172.16.1.2 (select "Interface Inside" for this) and see if that works?