ASA 5505 not connecting to the internet
My ASA 5505 9.1 previously worked but I recently swapped out my modem (different issue). The new modem is bridged so my ASA gets an IP address from the ISP.
Internet ------ SB6141 modem ---------- ASA ---------- rest of network (direct connection or router)
I have no issues connecting to the ASA and when I remove the ASA my router properly connects to the internet.
Things I have tried
Setting static address for ASA outside interface
Pinging 8.8.8.8 from ASDM (ping fails in ASDM but works in CLI)
Modifying the NAT
Successful packet trace
Reading multiple other forum entries
I can't figure out what is blocking the traffic to the outside. Below is my running-config.
xlate per-session deny tcp any4 any6
xlate per-session deny tcp any6 any4
xlate per-session deny tcp any6 any6
xlate per-session deny udp any4 any4 eq domain
xlate per-session deny udp any4 any6 eq domain
xlate per-session deny udp any6 any4 eq domain
xlate per-session deny udp any6 any6 eq domain
xlate per-session deny tcp any4 any4
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 10.0.1.0 Wireless
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
boot system disk0:/asa914-k8.bin
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
dns domain-lookup inside
object network obj-192.168.2.0
subnet 192.168.2.0 255.255.255.248
object network obj_any
subnet 0.0.0.0 0.0.0.0
object network Wireless
subnet 10.0.1.0 255.255.255.0
description Created during name migration
object network NETWORK_OBJ_192.168.2.0_29
subnet 192.168.2.0 255.255.255.248
object network obj_any_1
subnet 0.0.0.0 0.0.0.0
description Outside
object-group protocol TCPUDP
protocol-object udp
protocol-object tcp
object-group service DM_INLINE_TCP_1 tcp
port-object eq www
port-object eq https
object-group service DM_INLINE_TCP_2 tcp
port-object eq 4444
port-object eq 4445
port-object eq 4446
object-group service Wemo tcp-udp
port-object eq 3478
object-group service DM_INLINE_SERVICE_1
service-object udp destination eq 1701
service-object tcp destination eq pptp
service-object udp destination eq 4500
service-object udp destination eq isakmp
service-object tcp destination eq 50
service-object tcp destination eq 51
service-object tcp destination eq 44000
object-group service DM_INLINE_TCP_3 tcp
port-object eq 4444
port-object eq 4445
port-object eq 4446
port-object eq 5900
port-object eq 5901
object-group network DM_INLINE_NETWORK_1
network-object host 217.79.189.135
network-object host 24.197.239.70
object-group service DM_INLINE_TCP_4 tcp
port-object eq 5900
port-object eq 5901
object-group service DM_INLINE_TCP_5 tcp
port-object eq www
port-object eq https
access-list inside_access_in extended permit object-group TCPUDP object Wireless any
access-list inside_access_in extended permit icmp object Wireless any
access-list inside_access_in extended permit ip object Wireless any
access-list inside_access_in extended permit object-group TCPUDP 192.168.1.0 255.255.255.0 any
access-list inside_access_in extended permit icmp 192.168.1.0 255.255.255.0 any
access-list inside_access_in extended permit tcp 192.168.1.0 255.255.255.0 any object-group DM_INLINE_TCP_5
access-list inside_access_in extended permit ip 192.168.1.0 255.255.255.0 any
access-list inside_access_in extended permit icmp 192.168.2.0 255.255.255.0 any
access-list inside_access_in extended permit ip 192.168.2.0 255.255.255.0 any
access-list inside_access_in extended permit object-group TCPUDP 192.168.2.0 255.255.255.0 any
access-list inside_nat0_outbound extended permit ip any4 192.168.2.0 255.255.255.248
access-list inside_nat0_outbound extended permit tcp any4 192.168.2.0 255.255.255.248
access-list inside_nat0_outbound_1 extended permit ip any4 192.168.2.0 255.255.255.248
access-list outside_access_in extended permit tcp any object AppleRouter object-group DM_INLINE_TCP_2
access-list outside_access_in remark VNC
access-list outside_access_in extended permit tcp any object AppleRouter object-group DM_INLINE_TCP_4
access-list outside_access_in extended deny tcp object-group DM_INLINE_NETWORK_1 any object-group DM_INLINE_TCP_3
access-list outside_access_in remark Migration, ACE (line 2) expanded: permit tcp any4 interface outside object-group DM_INLINE_TCP_1
access-list outside_access_in extended permit tcp any4 0.0.0.0 0.0.0.0 eq www
access-list outside_access_in extended permit tcp any4 0.0.0.0 0.0.0.0 eq https
access-list outside_access_in remark ICMP config
access-list outside_access_in extended permit icmp any4 0.0.0.0 0.0.0.0
access-list outside_access_in extended permit tcp any4 object AppleRouter object-group Wemo
access-list outside_access_in extended permit udp any4 object AppleRouter object-group Wemo
access-list outside_access_in extended permit object-group DM_INLINE_SERVICE_1 any4 interface outside
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-715-100.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,any) source static any any destination static obj-192.168.2.0 obj-192.168.2.0 no-proxy-arp route-lookup inactive
nat (inside,outside) source static any any destination static NETWORK_OBJ_192.168.2.0_29 NETWORK_OBJ_192.168.2.0_29 no-proxy-arp route-lookup inactive
object network AppleRouter-4500
nat (inside,outside) static interface service tcp 4500 4500
object network AppleRouter-4444
nat (inside,outside) static interface service tcp 4444 4444
object network AppleRouter-5901
nat (inside,outside) static interface service tcp 5901 5901
object network AppleRouter-5900
nat (inside,outside) static interface service tcp 5900 5900
object network AppleRouter-4445
nat (inside,outside) static interface service tcp 4445 4445
object network AppleRouter-4446
nat (inside,outside) static interface service tcp 4446 4446
object network Wemo-tcp
nat (inside,outside) static interface service tcp 3478 3478
object network Wemo-udp
nat (inside,outside) static interface service udp 3478 3478
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
telnet 192.168.1.0 255.255.255.0 inside
telnet Wireless 255.255.255.0 inside
telnet timeout 10
ssh 192.168.1.0 255.255.255.0 inside
ssh Wireless 255.255.255.0 inside
ssh timeout 10
ssh key-exchange group dh-group1-sha1
console timeout 0
dhcp-client client-id interface outside
dhcpd auto_config outside
dhcpd address 192.168.1.5-192.168.1.254 inside
dhcpd auto_config outside interface inside
dhcpd enable inside
First lets eliminate the ASA as the problem, Connect a PC directly to one of the "inside" ports on the ASA and make sure it recieves an IP in the 192.168.1.0/24 range.
add this command to the ASA
object network obj_any
nat (inside,outside) dynamic interface
now try to ping 8.8.8.8 or 4.2.2.2
If ping works, now add the router back into the loop and see if you are able to reach the internet again.
Please remember to select a correct answer and rate helpful posts
Similar Messages
-
what do i do if my internet is wep and i need it to be wpa2 because my ipod touch 4th gen connects to the internet but when i click on safari or itunes it says safari cannot open the page because its not connected to the internet. i have contacted apple support and they said to change from wep to wpa2 but when i change it to wpa2 and type in password and connect on my laptop it says the saved setting on this computer for the network do not match the require ments of the network
My 2nd gen works fine with WPA2 and AES encryption.
You may need to go back and start over. Reset the router back to factory defaults, log on as the admin, set up security, DHCP, and make sure the IP address pool has enough IP addresses to lease to ALL of the computers/devices that will connect to that the router. -
Friends,
I'm having some audio-midi setup problems on my G4/1.25/10.5.1 machine. I'm thinking that a routine OS upgrade might help. However, this machine is not connected to the internet. Are there any alternate methods for upgrading system software? Thanks in advance!OK, what you should do is download the updates on another machine and burn them to a disc. Start at this link http://support.apple.com/downloads/#leopard for downloads and find, among other things, the 10.5.8 combo updater that works on PPC machines, plus security, QuickTime and other updates. Going from 10.5.1 to 10.5.8, there will probably be a bunch of things that you should install. Being off the internet with the machine, you can't have Software Update sort it out, so something might get missed, unfortunately.
My suggestion is this: if it looks like you might need a download, get it onto that disc. -
Adobe creative cloud say i'm not connected to the internet, but I am
adobe creative cloud says i'm not connected to the internet, but I am
If you statee more aout your set up about your relation to the Cloud a l9ittle of the history something to go on right now tht is believe it or not ptretty vague.
i do not relly particfipate in the forum but I doubt that the other users will have an easytime helping you without more informtion.
Offhand I wouuld say it was a permissions issue fwiw. -
HT204407 It won't let me sign in. It just keeps saying I'm not connected to the Internet when I am.
Why is my find my friends app not working at all?! It just says that I'm not connected to the Internet but I am.
1. Make sure Date and Time is correctly set; Settings>General>Date and Time>Set Automatically>On
2. Make sure phone number or email address is correct
3. Restart iPad -
I recently purchased an iPhone 5c and for some unknown reason I can't connect to my wireless router's network at home. I've tried establishing a seperate IP address, manually adding the iPhone device, and even spent an hour with Centurylink's IT support and they couldn't figure it out. They said it was an iPhone error. I had an iPhone 3 about 1 1/2 years ago that had the same problem. I ended up getting rid of the phone because I couldn't solve this problem before. I thought a newer phone would not have the same problem.
My phone shows that I'm connected to my home internet, but when I open up network information for my home internet there is no IP Address listed. Safari and my other apps also state that I'm not connected to the internet. I'm ready to sell my phone back and go to an Android since I didn't have trouble connecting with it before. We also have a Macbook and iPad that both connect to the internet just fine. Please....oh please help.I was having the same problem; I tried all the recommended fixes in the "more like this" and nothing worked, but finally found the answer. Try this: http://themiddleofthestreet.blogspot.com/2013/11/if-your-iphone-5s-wont-connect- to-wifi.html
-
I want to download Firefox on a flashdrive so I can then download it to my home computer which is not connected to the internet. When I download Firefox, it won't let me change the path and so tries to download on a public computer, which isn't allowed. The reason I want it on my home computer is because I'm creating web pages and I want to view my html pages using a variety of browsers, including Firefox.
From another computer, go to http://www.mozilla.com/firefox/, click "Free download" button, click "Save File" button, select your flash drive in "Save as" window. "Firefox Setup 3.6.13.exe" file will be saved in your flash drive.
You just need to insert it in your new computer and double-click on "Firefox Setup 3.6.13.exe" from Windows Explorer and follow instructions. -
After installing Lion on my mid 2010 macbook pro 13" (7,1) I went to download extra voices and every time i am met my the message, "The voice ....(dots are where the name of the voice) can't be installed now because you are not connected to the internet."
I then installed Lion on a 2011 13" macbook pro (8,1) and was able to download voices straight away. Is there a bug with the voices with 2010 macbook pros and is there a way round this problem or am i going to have to wait for Apple to release a fix for it?Thank you a billion times over - I never would have figured that out, and certainly would not have a hair left on my head if you handn't taken the time to post the solution!
-
My ipad recognizes my home network but will not connect to the internet. When I click on AirPort/preferences at the top of the imac screen it says..."AirPort has a self-assigned ip address and may not connect to the internet". If this is the root of the problem,how can I change ip address?
Ipad will connect no problem to other networks.First thing you need I think is to get your iMac connected to the Internet.
Shut down your iMac and you iPad. Then power off your router. Wait 30 seconds and power up the router.
After the router indicates that it is connected to the Internet then start up your iMac and see if it connects. If the iMac connects to the Internet then your iPad should too.
If this power up sequence doesn't work you'll have to dig into the router setup to make sure it is working properly. -
My iPhone will
not connect to the internet properly. It says that it is connected, the App Store won't load apps and I can't get on my face book app. I have tried wifi and my cellular data, neither work. What are some ways to fix this?Try resetting your network settings.
Settings>Genenal>Reset>Reset Network Settings. -
i connect my iphone to my pc and i tunes open automatically,then i press dowload and update but itunes say am not connected to the internet while my pc is connected to the internet what isi the problem?
If you are the only user on your computer you probably don't have multiple user accounts set up and can disregard that. If you are using iTunes 11 go to View>Show Sidebar. Now see if your iPad appears under Devices on the left side when you connect it. If it does, click on the name of your iPad on the left side and your iTunes sync settings options will appear in folders with tabbed headings to the right.
If it doesn't appear on the left side, follow the troubleshooting steps shown in this article: http://support.apple.com/kb/TS1538. -
Since upgrading to Lion I am having problems with Safari on my Macbook Pro. I am using wifi to access the internet and the internet works in all other application except for Safari. When I try to access a webpage most times I get a error message saying I am not connected to the internet. If I click on diagnose the problem, I get connect again to the internet through the diagnostic process and the webpage generally works. This is not a problem when wired to the internet.
Check your network settings, in particular the advanced setting "DNS Server". If it is by chance 127.0.0.1, make sure to change is and use a know DNS Server (from Google for example, or your own Router local address).
-
I recently got an IPad 2 and when I first set up the wifi connection the safari and facebook worked but suddenly whenever I attempt to get onto facebook it says Unable to connect and whenever I go on safari it says I am not connected to the internet. yet when I go on settings-- Wi-fi The network I should be cnnected with is ticked and it says I have connection, but once i try to go on the internet I have the same problem. Is there a way I can solve this by resetting or do I need to go into the apple shop to get it sorted. Any help? Thanks.
I recently got an IPad 2 and when I first set up the wifi connection the safari and facebook worked but suddenly whenever I attempt to get onto facebook it says Unable to connect and whenever I go on safari it says I am not connected to the internet. yet when I go on settings-- Wi-fi The network I should be cnnected with is ticked and it says I have connection, but once i try to go on the internet I have the same problem. Is there a way I can solve this by resetting or do I need to go into the apple shop to get it sorted. Any help? Thanks.
-
My ipad 2 appears to be connected to the internet(all bars are up in the left hand corner).....yet I cannot connect to the internet(Safari cannot connect open the page because it is not connected to the internet)
I unplugged my router for 30 seconds and restarted my ipad...still nothing
I really don't think it is my service because my laptop works fine...as I am using the internet right now
I only had this ipad for 2 days
Are there any suggestions that can help solve this problem?Usually it's because you are not making internet connection via wifi.
Look at iOS Troubleshooting Wi-Fi networks and connections http://support.apple.com/kb/TS1398
iPad: Issues connecting to Wi-Fi networks http://support.apple.com/kb/ts3304
Additional things to try.
Try this first. Turn Off your iPad. Then turn Off (disconnect power cord) the wireless router & then back On. Now boot your iPad. Hopefully it will see the WiFi.
Change the channel on your wireless router. Instructions at http://macintoshhowto.com/advanced/how-to-get-a-good-range-on-your-wireless-netw ork.html
How to Quickly Fix iPad 3 Wi-Fi Reception Problems
http://osxdaily.com/2012/03/21/fix-new-ipad-3-wi-fi-reception-problems/
If none of the above suggestions work, look at this link.
iPad Wi-Fi Problems: Comprehensive List of Fixes
http://appletoolbox.com/2010/04/ipad-wi-fi-problems-comprehensive-list-of-fixes/
Fix iPad Wifi Connection and Signal Issues http://www.youtube.com/watch?v=uwWtIG5jUxE
Cheers, Tom -
What does it mean when I click on my wifi name and it show I'm on my wifi, but the network keeps thinking and the ipad says, Safari cannot open this page because it is not connected to the internet. ?
When you click on the WiFi network name, have you also provided the password for accessing the network? You should get a dialogue box asking you for the security information the first time you connect.
If you are not able to connect, you might want to go to Settings > General > Reset > Reset network settings.
Then go back to Settings > WiFi and select your network name again and make sure the security information is now entered correctly.
If you still cannot connect, power down the router, wait a few minutes, power up the router, with the iPad powered down the whole time, and after the router has had several minutes to stabilize power up the iPad. See if it now connects correctly.
Maybe you are looking for
-
Server-Side Include Issue - Please Help
I am having trouble using server-side includes in Dreamweaver. When I use the SSI to insert the header file, the header document shows up on the page in design view, but I cannot click anything. The cursor turns into a "no sign" no matter where it is
-
Faces lost after editing in Photoshop Elements 6
I just upgraded to iLife '09. I use iPhoto 8.1.2 to organize my photos and Photoshop Elements 6 to edit them externally. My problem: when I edit a photo that has Faces data in PE 6 and then view the (updated) photo in iPhoto, the face data is gone an
-
Replicating SRM PO to ECC PO with all condition types
Hi Friends, I want to Repliacte SRM to ECC PO with all condition types, can any one give me idea on this thnx Kumar Srini
-
Hi, does anybody know if there is a way to establish a polling interval for a BPM in XI ? for example, you can configure a polling interval for the file adapter and this enables you to read a certain filesystem directory every n minutes/seconds... Is
-
What do I do? I dropped my iphone 4 in a cup of juice. Only the bottom was submerged. I turned it off immediately. THe speakers sound like they are busted like when you bust speakers in a car. When it rings it is ringing and vibrating and cutting in