Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Pix 506e to ASA 5505 no longer able to access internet from inside

Status
Not open for further replies.
rodhall

rodhall

IS-IT--Management
Apr 14, 2011
2
US
we recently upgraded from a pix 506e to an ASA 5505. i used the pix to asa conversion program, and had to clean it up allot, but had what i thought was a pretty solid configuration. after implementing the ASA over the weekend, users came in on Monday and many of them were not able to access the internet. and some were still able to. here is an edited copy of my config

Code: 
: Saved
: Written by enable_15 at 14:10:50.159 EDT Tue Apr 5 2011
!
ASA Version 8.0(3)
!
hostname pixfirewall
domain-name website.com
enable password ############## encrypted
names
!
interface Vlan1
 nameif outside
 security-level 0
 ip address 255.254.68.2 255.255.255.192
 ospf cost 10
!
interface Vlan2
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 ospf cost 10
!
interface Ethernet0/0
!
interface Ethernet0/1
!
interface Ethernet0/2
 switchport access vlan 2
!
interface Ethernet0/3
 switchport access vlan 2
!
interface Ethernet0/4
 switchport access vlan 2
!
interface Ethernet0/5
 switchport access vlan 2
 shutdown
!
interface Ethernet0/6
 shutdown
!
interface Ethernet0/7
 shutdown
!
passwd 6NSln6otKGstraBl encrypted
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns server-group DefaultDNS
 domain-name website.com
access-list 105 extended permit tcp any host 255.254.68.2 eq 8080
access-list 105 extended permit tcp any host 255.254.68.2 eq www
access-list 105 extended permit tcp any host 255.254.68.2 eq ftp-data
access-list 105 extended permit tcp any host 255.254.68.2 eq ftp
access-list 105 extended permit udp any host 255.254.68.2 eq www
access-list 105 extended permit udp any host 255.254.68.2 eq 20
access-list 105 extended permit udp any host 255.254.68.2 eq 21
access-list 105 extended permit tcp any host 255.254.68.2 eq 2233
access-list 105 extended permit udp any host 255.254.68.2 eq 2233
access-list 105 extended permit icmp any any
access-list 105 extended permit tcp any host 255.254.68.2 eq pop3
access-list 105 extended permit tcp any host 255.254.68.2 eq imap4
access-list 105 extended permit udp any host 255.254.68.2 eq 143
access-list 105 extended permit udp any host 255.254.68.2 eq 110
access-list 105 extended permit tcp any host 255.254.68.2 eq smtp
access-list 105 extended permit tcp any host 255.254.68.2 eq 1443
access-list 105 extended permit udp any host 255.254.68.2 eq 1443
access-list 105 extended permit udp any host 255.254.68.2 eq 1444
access-list 105 extended permit tcp any host 255.254.68.2 eq 1444
access-list 105 extended permit tcp any host 255.254.68.2 eq pptp
access-list 105 extended permit udp any host 255.254.68.2 eq 47
access-list 105 extended permit tcp any host 255.254.68.2 eq 47
access-list 105 extended permit udp any host 255.254.68.2 eq 1723
access-list 105 extended permit udp any host 255.254.68.2 eq 45
access-list 105 extended permit tcp any host 255.254.68.2 eq 45
access-list 105 extended permit gre any any
access-list 105 extended permit tcp any any eq pptp
access-list 105 extended permit udp any host 255.254.68.2 eq 10000
access-list 105 extended permit udp any host 255.254.68.2 eq isakmp
access-list 105 extended permit tcp any host 255.254.68.2 eq 50
access-list 105 extended permit udp any host 255.254.68.2 eq 4500
access-list 105 extended permit tcp any host 255.254.68.2 eq 10000
access-list 105 extended permit tcp any host 255.254.68.2 eq 500
access-list 105 extended permit esp any host 255.254.68.2
access-list 105 extended permit udp any host 255.254.68.11 eq www
access-list 105 extended permit tcp any host 255.254.68.11 eq www
access-list 105 extended permit tcp any host 255.254.68.11 eq https
access-list 105 extended permit udp any host 255.254.68.11 eq 443
access-list 105 extended permit tcp any host 255.254.68.16 eq www
access-list 105 extended permit udp any host 255.254.68.16 eq www
access-list 105 extended permit udp any host 255.254.68.33
access-list 105 extended permit tcp any host 255.254.68.33
access-list 105 extended permit udp any host 255.254.68.32
access-list 105 extended permit tcp any host 255.254.68.32
access-list 105 extended permit tcp any host 255.254.68.16 eq 8080
access-list 105 extended permit udp any host 255.254.68.16 eq 8080
access-list 105 extended permit udp any host 255.254.68.34 eq www
access-list 105 extended permit tcp any host 255.254.68.34 eq www
access-list 105 extended permit tcp any host 255.254.68.34
access-list 105 extended permit udp any host 255.254.68.30 eq 990
access-list 105 extended permit tcp any host 255.254.68.30 eq 990
access-list 105 extended permit tcp any host 255.254.68.29 eq 5422
access-list 105 extended permit udp any host 255.254.68.29 eq 5422
access-list 105 extended permit tcp any host 255.254.68.30 eq 50000
access-list 105 extended permit tcp any host 255.254.68.30 eq 50001
access-list 105 extended permit tcp any host 255.254.68.30 eq 50002
access-list 105 extended permit tcp any host 255.254.68.30 eq 50003
access-list 105 extended permit tcp any host 255.254.68.30 eq 50004
access-list 105 extended permit tcp any host 255.254.68.2 eq 50000
access-list 105 extended permit tcp any host 255.254.68.2 eq 50001
access-list 105 extended permit tcp any host 255.254.68.2 eq 50002
access-list 105 extended permit tcp any host 255.254.68.2 eq 50003
access-list 105 extended permit tcp any host 255.254.68.2 eq 50004
access-list 105 extended permit tcp any host 255.254.68.10 eq 5555
access-list 105 extended permit udp any host 255.254.68.10 eq 5555
access-list 105 extended permit udp any host 255.254.68.9
access-list 105 extended permit tcp any host 255.254.68.9
access-list 105 extended permit udp any host 255.254.68.40 eq 3389
access-list 105 extended permit tcp any host 255.254.68.40 eq 3389
access-list 105 extended permit udp any host 255.254.68.41 eq 3389
access-list 105 extended permit tcp any host 255.254.68.41 eq 3389
access-list 105 extended permit udp any host 255.254.68.42 eq 3389
access-list 105 extended permit tcp any host 255.254.68.42 eq 3389
access-list 105 extended permit udp any host 255.254.68.43 eq 3389
access-list 105 extended permit tcp any host 255.254.68.43 eq 3389
access-list 105 extended permit tcp any host 255.254.68.48 eq 5422
access-list 105 extended permit udp any host 255.254.68.48 eq 5422
access-list 105 extended permit tcp any host 255.254.68.2 eq 4110
access-list 105 extended permit tcp any host 255.254.68.2 eq 4112
access-list 105 extended permit tcp any host 255.254.68.2 eq 4113
access-list 105 extended permit tcp any host 255.254.68.55 eq 5422
access-list 105 extended permit udp any host 255.254.68.55 eq 5422
access-list 105 extended permit tcp any host 255.254.68.14 eq www
access-list 105 extended permit udp any host 255.254.68.14 eq www
access-list 105 extended permit tcp any host 255.254.68.15 eq 5422
access-list 105 extended permit udp any host 255.254.68.15 eq 5422
access-list 105 extended permit tcp any host 255.254.68.15 eq www
access-list 105 extended permit udp any host 255.254.68.15 eq www
access-list 105 extended permit tcp any host 255.254.68.8 eq 5422
access-list 105 extended permit udp any host 255.254.68.8 eq 5422
access-list 105 extended permit tcp any host 255.254.68.8 eq www
access-list 105 extended permit udp any host 255.254.68.8 eq www
access-list 105 extended permit tcp any host 255.254.68.12 eq 5422
access-list 105 extended permit udp any host 255.254.68.12 eq 5422
access-list 105 extended permit tcp any host 255.254.68.12 eq www
access-list 105 extended permit udp any host 255.254.68.12 eq www
access-list 105 extended permit tcp any host 255.254.68.13 eq 5422
access-list 105 extended permit udp any host 255.254.68.13 eq 5422
access-list 105 extended permit tcp any host 255.254.68.13 eq www
access-list 105 extended permit udp any host 255.254.68.13 eq www
access-list 105 extended permit tcp any host 255.254.68.14 eq 3389
access-list 105 extended permit tcp any host 255.254.68.22 eq 5422
access-list 105 extended permit udp any host 255.254.68.22 eq 5422
access-list 105 extended permit tcp any host 255.254.68.49 eq 5422
access-list 105 extended permit udp any host 255.254.68.49 eq 5422
access-list 105 extended permit tcp any host 255.254.68.2 eq 50005
access-list 105 extended permit tcp any host 255.254.68.2 eq 50006
access-list 105 extended permit tcp any host 255.254.68.2 eq 50007
access-list 105 extended permit tcp any host 255.254.68.2 eq 50008
access-list 105 extended permit tcp any host 255.254.68.2 eq 50009
access-list 105 extended permit tcp any host 255.254.68.2 eq 50010
access-list 105 extended permit tcp any host 255.254.68.2 eq 50011
access-list 105 extended permit tcp any host 255.254.68.2 eq 50012
access-list 105 extended permit tcp any host 255.254.68.2 eq 50013
access-list 105 extended permit tcp any host 255.254.68.2 eq 50014
access-list 105 extended permit tcp any host 255.254.68.2 eq 50015
access-list 105 extended permit tcp any host 255.254.68.2 eq 50016
access-list 105 extended permit tcp any host 255.254.68.2 eq 50017
access-list 105 extended permit tcp any host 255.254.68.2 eq 50018
access-list 105 extended permit tcp any host 255.254.68.2 eq 50019
access-list 105 extended permit tcp any host 255.254.68.2 eq 50020
access-list 105 extended permit tcp any host 255.254.68.39 eq 5422
access-list 105 extended permit udp any host 255.254.68.39 eq 5422
access-list 105 extended permit udp any host 255.254.68.50 eq www
access-list 105 extended permit tcp any host 255.254.68.50 eq www
access-list 105 extended permit tcp any host 255.254.68.52 eq www
access-list 105 extended permit udp any host 255.254.68.52 eq www
access-list 105 extended permit tcp any host 255.254.68.53 eq https
access-list 105 extended permit udp any host 255.254.68.53 eq 443
access-list 105 extended permit tcp any host 255.254.68.53 eq www
access-list 105 extended permit udp any host 255.254.68.53 eq www
access-list 105 extended permit tcp any host 255.254.68.53 eq 3389
access-list 105 extended permit udp any host 255.254.68.53 eq 3389
access-list 105 extended permit tcp any host 255.254.68.53 eq 135
access-list 105 extended permit udp any host 255.254.68.53 eq 135
pager lines 24
logging enable
logging buffered debugging
logging asdm informational
mtu outside 1500
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-603.bin
asdm location 192.168.1.2 255.255.255.255 inside
asdm location 192.168.1.212 255.255.255.255 inside
asdm location 192.168.1.216 255.255.255.255 inside
asdm location 192.168.2.242 255.255.255.255 inside
asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) udp 255.254.68.11 [URL unfurl="true"]www 192.168.2.242[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.11 [URL unfurl="true"]www 192.168.2.242[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.11 https 192.168.2.242 https netmask 255.255.255.255
static (inside,outside) udp 255.254.68.11 443 192.168.2.242 443 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.32 [URL unfurl="true"]www 192.168.3.197[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.32 [URL unfurl="true"]www 192.168.3.197[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.33 [URL unfurl="true"]www 192.168.3.69[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.33 [URL unfurl="true"]www 192.168.3.69[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.33 3389 192.168.3.69 3389 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.33 3389 192.168.3.69 3389 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.34 [URL unfurl="true"]www 192.168.3.66[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.34 [URL unfurl="true"]www 192.168.3.66[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.30 990 192.168.1.216 990 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.34 990 192.168.1.216 990 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.29 5422 192.168.5.31 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.29 5422 192.168.5.31 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.30 50000 192.168.1.216 50000 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.30 50001 192.168.1.216 50001 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.30 50002 192.168.1.216 50002 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.30 50003 192.168.1.216 50003 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.30 50004 192.168.1.216 50004 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.16 [URL unfurl="true"]www 192.168.3.64[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.16 [URL unfurl="true"]www 192.168.3.64[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.10 5555 192.168.3.245 5555 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.10 5555 192.168.3.245 5555 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.40 3389 192.168.1.27 3389 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.40 3389 192.168.1.27 3389 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.41 3389 192.168.1.29 3389 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.41 3389 192.168.1.29 3389 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.42 3389 192.168.1.31 3389 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.42 3389 192.168.1.31 3389 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.43 3389 192.168.1.30 3389 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.43 3389 192.168.1.30 3389 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.48 5422 192.168.5.20 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.48 5422 192.168.5.20 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.55 5422 192.168.3.36 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.55 5422 192.168.3.36 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.15 5422 192.168.3.59 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.15 5422 192.168.3.59 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.15 [URL unfurl="true"]www 192.168.3.59[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.15 [URL unfurl="true"]www 192.168.3.59[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.8 5422 192.168.3.57 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.8 5422 192.168.3.57 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.12 5422 192.168.3.111 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.12 5422 192.168.3.111 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.13 5422 192.168.3.70 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.13 5422 192.168.3.70 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.13 [URL unfurl="true"]www 192.168.3.70[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.13 [URL unfurl="true"]www 192.168.3.70[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.12 [URL unfurl="true"]www 192.168.3.111[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.12 [URL unfurl="true"]www 192.168.3.111[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.22 5422 192.168.5.40 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.22 5422 192.168.5.40 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.8 [URL unfurl="true"]www 192.168.3.128[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.8 [URL unfurl="true"]www 192.168.3.128[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.49 5422 192.168.3.140 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.49 5422 192.168.3.140 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.39 5422 192.168.3.108 5422 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.39 5422 192.168.3.108 5422 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.9 [URL unfurl="true"]www 192.168.3.11[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.9 [URL unfurl="true"]www 192.168.3.11[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.50 [URL unfurl="true"]www 192.168.3.143[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.50 [URL unfurl="true"]www 192.168.3.143[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.14 [URL unfurl="true"]www 192.168.5.65[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.14 [URL unfurl="true"]www 192.168.5.65[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.14 3389 192.168.5.65 3389 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.14 3389 192.168.5.65 3389 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.52 [URL unfurl="true"]www 192.168.5.73[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.52 [URL unfurl="true"]www 192.168.5.73[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.53 https 192.168.5.34 https netmask 255.255.255.255
static (inside,outside) udp 255.254.68.53 443 192.168.5.34 443 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.53 [URL unfurl="true"]www 192.168.5.34[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) udp 255.254.68.53 [URL unfurl="true"]www 192.168.5.34[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp 255.254.68.53 3389 192.168.5.34 3389 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.53 3389 192.168.5.34 3389 netmask 255.255.255.255
static (inside,outside) tcp 255.254.68.53 135 192.168.5.34 135 netmask 255.255.255.255
static (inside,outside) udp 255.254.68.53 135 192.168.5.34 135 netmask 255.255.255.255
static (inside,outside) udp interface [URL unfurl="true"]www 192.168.1.212[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp interface [URL unfurl="true"]www 192.168.1.212[/URL] [URL unfurl="true"]www netmask[/URL] 255.255.255.255
static (inside,outside) tcp interface ftp-data 192.168.1.212 ftp-data netmask 255.255.255.255
static (inside,outside) udp interface 2233 192.168.1.2 2233 netmask 255.255.255.255
static (inside,outside) tcp interface 2233 192.168.1.2 2233 netmask 255.255.255.255
static (inside,outside) udp interface 10000 192.168.1.3 10000 netmask 255.255.255.255
static (inside,outside) tcp interface pptp 192.168.1.3 pptp netmask 255.255.255.255
static (inside,outside) tcp interface pop3 192.168.2.242 pop3 netmask 255.255.255.255
static (inside,outside) udp interface 110 192.168.2.242 110 netmask 255.255.255.255
static (inside,outside) udp interface 25 192.168.2.242 25 netmask 255.255.255.255
static (inside,outside) tcp interface smtp 192.168.2.242 smtp netmask 255.255.255.255
static (inside,outside) udp interface 143 192.168.2.242 143 netmask 255.255.255.255
static (inside,outside) tcp interface imap4 192.168.2.224 imap4 netmask 255.255.255.255
static (inside,outside) udp interface 4500 192.168.1.3 4500 netmask 255.255.255.255
static (inside,outside) tcp interface 4110 192.168.3.60 4110 netmask 255.255.255.255
static (inside,outside) tcp interface 4112 192.168.3.60 4112 netmask 255.255.255.255
static (inside,outside) tcp interface 4113 192.168.3.60 4113 netmask 255.255.255.255
static (inside,outside) tcp interface 50000 192.168.1.213 50000 netmask 255.255.255.255
static (inside,outside) tcp interface 50001 192.168.1.213 50001 netmask 255.255.255.255
static (inside,outside) tcp interface 50002 192.168.1.213 50002 netmask 255.255.255.255
static (inside,outside) tcp interface 50003 192.168.1.213 50003 netmask 255.255.255.255
static (inside,outside) tcp interface 50004 192.168.1.213 50004 netmask 255.255.255.255
static (inside,outside) udp interface 20 192.168.1.213 20 netmask 255.255.255.255
static (inside,outside) udp interface 21 192.168.1.213 21 netmask 255.255.255.255
static (inside,outside) tcp interface ftp 192.168.1.213 ftp netmask 255.255.255.255
access-group 105 in interface outside
route outside 0.0.0.0 0.0.0.0 255.254.68.1 1
route inside 192.168.2.0 255.255.255.0 192.168.1.2 1
route inside 192.168.3.0 255.255.255.0 192.168.1.2 1
route inside 192.168.4.0 255.255.255.0 192.168.1.2 1
route inside 192.168.5.0 255.255.255.0 192.168.1.2 1
route inside 192.168.6.0 255.255.255.0 192.168.1.2 1
timeout xlate 0:05:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
http server enable
http 192.168.1.0 255.255.255.0 inside
http 192.168.2.241 255.255.255.255 inside
http 192.168.2.240 255.255.255.255 inside
http 192.168.3.60 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server community public
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 192.168.2.242 255.255.255.255 inside
telnet 192.168.3.117 255.255.255.255 inside
telnet 192.168.2.240 255.255.255.255 inside
telnet 192.168.3.60 255.255.255.255 inside
telnet 192.168.2.241 255.255.255.255 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 60
console timeout 0
dhcpd dns 255.254.226.12 192.168.2.210
dhcpd ping_timeout 750
dhcpd domain website.com
!
dhcpd address 192.168.1.7-192.168.1.30 inside
dhcpd dns 192.168.1.1 interface inside
dhcpd wins 192.168.1.1 interface inside
dhcpd enable inside
!

threat-detection basic-threat
threat-detection statistics
!
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
!
service-policy global_policy global
prompt hostname context
 
Sort by date Sort by votes
looking at the config, it might have been easier and quicker to just config the ASA from scratch using your access rules above?

the ASA has some nifty wizards now to make this fairly pain free.! :)

ACSS - SME
 
Upvote 0 Downvote
everything else appears to be working fine, but we are just having the outgoing internet issue
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
584
Sameer258
Sameer258
AllenH12
  • Locked
  • Question
Bandwidth in Cisco ASA 5505
Replies
2
Views
279
AllenH12
AllenH12
Sparrow4
  • Locked
  • Question
Configure Avaya IPO R11 / VM Pro + Office365 or Exchange for voicemail to email
Replies
2
Views
541
Johnkite
Johnkite
gbayi_omo
  • Locked
  • Question
Cisco ASA 5505 not allowing access to highest security zone
Replies
0
Views
102
gbayi_omo
gbayi_omo
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
521
intel233
intel233

Part and Inventory Search

Sponsor

Back
Top