CISCO ASA 5510 with ADSL line

Hi,
I am using CISCO ASA 5510 firewall behind ADSL line.
ADSL line no static IP.( configured and working Fine)
network Diagram  is followes
ADSL ----FIREWALL---LAN
ADSL Ethernet IP : 10.100.1.2
Firewall Outside : 10.100.1.1
Firewall Inside: 192.168.20.101
LAN  : 192.168.20.0/24

i have configured .. my configuration is pasted here.. My internal LAN clients can't access the Internet.. but i can  get IP resolved while pinging the DNS name. Same time i can access soem out side resources via some ports.. Only Web and ftp  etc are not accesable. In loggin i can see MSS is exceeded

hostname OPPS
domain-name default.domain.invalid
enable password svaRiTz/MNBKCode encrypted
names
dns-guard
!
interface Ethernet0/0
 nameif outside
 security-level 0
 ip address 10.100.1.1 255.255.255.0
!
interface Ethernet0/1
 nameif inside
 security-level 100
 ip address 192.168.20.101 255.255.255.0
!
interface Ethernet0/2
 shutdown
 no nameif
 no security-level
 no ip address
!
interface Management0/0
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0
 management-only
!
passwd 2KFQnbNIdI.2KYOU encrypted
ftp mode passive
pager lines 24
logging enable
logging asdm informational
mtu management 1500
mtu inside 1500
mtu outside 1500
asdm image disk0:/asdm-507.bin
no asdm history enable
arp timeout 14400
nat-control
global (outside) 1 10.100.1.10-10.100.1.20 netmask 255.255.255.0
global (outside) 10 10.100.1.3
nat (inside) 1 192.168.20.0 255.255.255.0
route outside 0.0.0.0 0.0.0.0 10.100.1.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00
timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http 192.168.1.0 255.255.255.0 management
http 192.168.20.25 255.255.255.255 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 192.168.20.25 255.255.255.255 inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 192.168.1.2-192.168.1.254 management
dhcpd lease 3600
dhcpd ping_timeout 50
dhcpd enable management
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect dns maximum-length 512
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global

thanking You
Jayan.k
Start Free Trial