Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ASA5505 can reach internet but local hosts cannot.

ASA 5505.

From the console, can ping internet hosts.

Can reach the ASA from the LAN.

LAN hosts cannot reach the web.  I figure this is something to do w NAT but NAT and permissions are all set.  What is wrong?

Web connection is DSL / PPPOE.  I figure the PPPOE is pulling IP correctly since we can reach the web from the ASA.

Will attach SH RUN shortly.

3 REPLIES
Community Member

Re: ASA5505 can reach internet but local hosts cannot.

sh run attached

Cisco Employee

Re: ASA5505 can reach internet but local hosts cannot.

Hello,

What is the DNS server address? Can you try using 4.2.2.2 and see if that helps? If that did not work, please try the following:

access-list outside_access_in permit icmp any any echo-reply

access-group outside_access_in in interface outside

icmp permit any outside

Hope this helps.

Regards,

NT

Community Member

Re: ASA5505 can reach internet but local hosts cannot.

Wonderful!  Tried two different dns servers thinking that was the issue but I guess both were failing.  And allowed the ICMP replies in and now pings can respond fine to the router or to internal hosts.  So simple sometimes!

Thank you!
-mike

238
Views
5
Helpful
3
Replies
CreatePlease to create content