We help IT Professionals succeed at work.
Get Started

ASA can't connect to the internet

ibtaya
ibtaya asked
on
657 Views
Last Modified: 2012-05-09
I can't see it, maybe another set of eyes will tell me why this 5505 won't let internal traffic hit the internet.
ciscoasa# show run
: Saved
:
ASA Version 7.2(4)
!
hostname ciscoasa
enable password AIcksG3fLJsdvdQfdUsrks34334fnx encrypted
passwd NyvjsmOfivAsKofZ7sSSn encrypted
names
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.10.5 255.255.255.0
!
interface Vlan2
 nameif Outside
 security-level 0
 ip address 17x.xx.xx.x1 255.255.255.248
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
 shutdown
!
interface Ethernet0/5
 shutdown
!
interface Ethernet0/6
 shutdown
!
interface Ethernet0/7
 shutdown
!
ftp mode passive
clock timezone EST -5
clock summer-time EDT recurring
dns domain-lookup inside
dns domain-lookup Outside
dns server-group DNS
dns server-group DefaultDNS
 name-server 68.87.68.162
 name-server 192.168.10.202
access-list 101 extended permit ip 192.168.1.0 255.255.255.0 192.168.10.0 255.255.255.0 log
access-list 101 extended permit ip 192.168.0.0 255.255.255.0 192.168.10.0 255.255.255.0 log
access-list 101 extended permit tcp any host 173.xx.xx.x4 eq www log
pager lines 24
logging enable
mtu inside 1500
mtu Outside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-524.bin
no asdm history enable
arp timeout 14400
global (Outside) 1 1xx.xx.xx.x
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,Outside) tcp 173.1xx.xx.x4 www 192.168.10.126 www netmask 255.255.255.255
access-group 101 in interface Outside
route Outside 0.0.0.0 0.0.0.0 173.xx.xx.x6 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http 192.168.0.0 255.255.0.0 inside
no snmp-server location
no snmp-server contact
snmp-server community smc
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet 0.0.0.0 0.0.0.0 inside
telnet timeout 5
ssh 0.0.0.0 0.0.0.0 Outside
ssh timeout 10
ssh version 2
console timeout 0

username admin password EiPHasldkjflskjfdlsQOoy1.jIg7G encrypted privilege 10
tunnel-group vpn type ipsec-ra
!
!
prompt hostname context
Cryptochecksum:004c0005594b85376a550d4ab259847d
: end
ciscoasa#

Open in new window

Comment
Watch Question
IT Director
Commented:
This problem has been solved!
Unlock 1 Answer and 13 Comments.
See Answer
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE