• Status: Solved

Cisco ASA5505 Firewall Issue

Dear Experts

I need your help. I have an issue with my Cisco ASA5505 firewall.

Basically I can't get any web page to work through the firewall.

All pages just eventually time out. I just can't seem to work out what the issue is!!!

Any assistance would be greatly appreciated

Copied below is the config I am currently using

Asked by: Robert_Rayworth
 
Robert_Rayworth (Author) Commented:
This is my current config ExpertsExchange-Config.txt

chouckham Commented:
Hi Robert,

A few things you need to let us know:
++ Is your Outside IP address issued by DHCP?
++ Does this connection also provide you with DNS resolution?

I have noticed your default route outside is set as "route outside 0.0.0.0 0.0.0.0 192.168.1.254 1", which is the internal IP address of your firewall on the LAN. This should be set to your ISP's DF Gateway address or, if it's your LAN, your next hop...

lrmoore Commented:
>route outside 0.0.0.0 0.0.0.0 192.168.1.254 1
You must remove this entry so that DHCP will learn the default route
 
Robert_Rayworth (Author) Commented:
Thanks for responding. I am going to try out what lrmoore suggests, which makes sense.

You don't know how long this has been driving me mad!!!

Message for Chouckham yes my outside address is issued by DHCP. Vlan 2 is plugged into a cable modem which doesn't have a fixed IP address. And that DHCP address does get DNS resolution.

I did also notice that I wasn't able to get an IP address from connecting switch port 0 directly into the cable modem. After quite a bit of fault finding I discovered the issue to be with Cisco using a very long Vlan2
Ethernet 0/0
Client-ID:      cisco-1cdf.0f5c.61e7-outside-ASA-5505
I managed to get round this by setting up the client ID to use a MAC address the cable modem was used to speaking to.

This however never got me to a place to open web pages.

I am hoping by removing this entry it will.

I will post back and let you know if it's a winner!!!

chouckham Commented:
Exactly as both lrmoore and I pointed out, the "route outside 0.0.0.0 0.0.0.0 192.168.1.254 1" is incorrect and should be removed.

Please let us know the outcome.

Robert_Rayworth (Author) Commented:
Hi guys, basically what you both suggested was correct, so how do you want me to award the points?
I have to admit Chouckham's suggestion was clearer in that he told me exactly what to do, so would it be fair to split the points????

chouckham Commented:
I don't mind Robert. Split sounds good to me.
Question has a verified solution.
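
The misconfiguration resolved in this thread, as an added example that is not part of the original posts: a Python check that flags a static ASA default route whose next hop is one of the firewall's own interface addresses, falls in another interface's subnet, or is bound to a DHCP-addressed interface. The sample config is constructed (the poster's attachment is not on the page); only the route line and the 192.168.1.254 inside address come from the thread, and numeric next hops are assumed.

```python
import ipaddress
import re

# Constructed sample, not the poster's attached config. Only the route line
# and the inside address 192.168.1.254 are taken from the thread.
SAMPLE_CONFIG = """\
interface Vlan1
 nameif inside
 ip address 192.168.1.254 255.255.255.0
interface Vlan2
 nameif outside
 ip address dhcp
route outside 0.0.0.0 0.0.0.0 192.168.1.254 1
"""

def parse_interfaces(config):
    """Return {nameif: "dhcp" or ipaddress.IPv4Interface} per interface block."""
    interfaces, name = {}, None
    for line in config.splitlines():
        words = line.split()
        if line.startswith("interface "):
            name = None                      # new block, nameif not seen yet
        elif len(words) == 2 and words[0] == "nameif":
            name = words[1]
        elif words[:2] == ["ip", "address"] and name and len(words) > 2:
            if words[2] == "dhcp":
                interfaces[name] = "dhcp"    # address (and maybe route) from DHCP
            elif len(words) > 3:
                interfaces[name] = ipaddress.ip_interface(f"{words[2]}/{words[3]}")
    return interfaces

def audit_default_routes(config):
    """Return findings for static default routes that cannot forward traffic."""
    interfaces = parse_interfaces(config)
    findings = []
    for m in re.finditer(r"^route (\S+) 0\.0\.0\.0 0\.0\.0\.0 (\S+)", config, re.M):
        egress, hop = m.group(1), ipaddress.ip_address(m.group(2))
        if interfaces.get(egress) == "dhcp":
            findings.append(f"{egress}: static default route on a DHCP-addressed interface")
        for name, addr in interfaces.items():
            if isinstance(addr, str):        # DHCP interface has no fixed subnet
                continue
            if hop == addr.ip:
                findings.append(f"{egress}: next hop {hop} is the firewall's own {name} address")
            elif name != egress and hop in addr.network:
                findings.append(f"{egress}: next hop {hop} is in the {name} subnet")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_default_routes(SAMPLE_CONFIG)))
```

On the ASA itself, `show route` lists the default route actually installed, which can be compared with what the checker reports for the saved config.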
