We help IT Professionals succeed at work.
Get Started

Cisco ASA 5505 initial config

bwander
bwander asked
on
778 Views
Last Modified: 2012-08-13
Having trouble with the initial config of an ASA 5505.  Can't browse the Internet from clients pointing to my internal DNS server (which has ISP forwarders setup).  Seems to be a DNS issue, but who knows?  Also doesn't look like mail is coming in.  Any help would be appreciated.
Result of the command: "sh run"

: Saved
:
ASA Version 7.2(4) 
!
hostname ciscoasa
domain-name domain.local
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0 
!
interface Vlan2
 nameif outside
 security-level 0
 ip address *.*.*.194 255.255.255.192 
!
interface Vlan3
 shutdown
 no forward interface Vlan1
 nameif dmz
 security-level 50
 no ip address
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
ftp mode passive
dns server-group DefaultDNS
 domain-name domain.local
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
access-list mailserver extended permit tcp any host *.*.*.196 eq smtp 
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu dmz 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (outside) 1 *.*.*.195-*.*.*.254 netmask 255.255.255.0
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) *.*.*.196 192.168.1.7 netmask 255.255.255.255 
access-group mailserver in interface outside
route outside 0.0.0.0 0.0.0.0 *.*.*.193 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http 192.168.1.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
!
dhcpd address 192.168.1.2-192.168.1.129 inside
!

!
!
prompt hostname context 
Cryptochecksum:22d971d7b43e72381b3268558f81126f
: end

Open in new window

Comment
Watch Question
This problem has been solved!
Unlock 1 Answer and 28 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE