Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Internet Router / ASA Configuration to get http traffics

Hi All,

Please find the attached Network diagram to get the ready ref for my question......

See, I need internet browsing from my private LAN segment 172.16.34.0/24 ( created on L3 switch as VLAN 42, mentioned because default VLAN 1 is down due to security reasons. )

Now, I have configured my L3 switch, Internet Router & ASA all the way for getting ping reply to my Public DNS ( 121.242.190.210 ) as well Internet Router next hop ( gateway, 111.93.160.37/30 ) from my private LAN VLAN 42 ( 172.16.34.0/24 )

I have done the config and getting all the ping reply, even nslookup is working from any end user desk.....but still internet page not opening from end user PC....I think http traffic not coming or name resolution not working....

Please look into the router config......and suggest me what I should further, or is there anything to allow in ASA firewall ?

NB:- The internet link is working find that I checked by connecting the ISP UTP connection coming from their mux....into laptop and putting an public and all.

Thanks in Advance....

Regards - Sujit

Everyone's tags (5)
2 REPLIES
New Member

Re: Internet Router / ASA Configuration to get http traffics

Hello Sujit,

at first I would test accessing a web page from the same PC that can ping the public DNS, using the ip address though, not the name (ex. ping 74.125.79.99 or any other ip address for www.google.com).

If this works, you have problems with the DNS requests.

Otherwise you may want to look at the ASA configuration, for what's regarding the NAT or the types of traffic that's allowed to be forwarded.

Hope it helps,

Antonio

Purple

Re: Internet Router / ASA Configuration to get http traffics

Hi,

even nslookup is working from any end user desk

so this is probably not a dns problem

Can you do a packet-tracer on the asa for web traffic coming from your LAN users and post what it is telling.

Regards.

Don't forget to rate helpful posts.
463
Views
0
Helpful
2
Replies
CreatePlease login to create content