Solved

Cisco ASA5505 Firewall Issue

Posted on 2011-03-05
7
778 Views
Last Modified: 2012-05-11
Dear Experts

I need your help I have an issue with my Cisco ASA5505 firewall.

Basically I can't get any web page to work through the firewall.

All pages just eventually time out I just can't seem to work out what the issue is!!!

Any assistance would be greatly appreciated

Copied below is the config I am currently using

0
Comment
Question by:Robert_Rayworth
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 

Author Comment

by:Robert_Rayworth
ID: 35045099
This is my current config ExpertsExchange-Config.txt
0
 
LVL 3

Assisted Solution

by:chouckham
chouckham earned 167 total points
ID: 35046191
Hi Robert,

Few things zou need to let us know:
++ Is your Outside IP address issued by DHCP?
++ Does this connection also provide you with DNS resolution?

I have noticed your default route outside is set as: "route outside 0.0.0.0 0.0.0.0 192.168.1.254 1" Which is the Internal IP address of your Firewall to the LAN. This should be set to your ISP's DF Gateway address or if its your lan, your next hop...
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 83 total points
ID: 35046854
>route outside 0.0.0.0 0.0.0.0 192.168.1.254 1
You must remove this entry so that DHCP will learn the default route
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 

Author Comment

by:Robert_Rayworth
ID: 35056050
Thanks for responding I am going to try out what Irmoore suggest which makes sense.

You don't know how long this has been driving me mad!!!

Message for Chouckham yes my outside address is issued by DHCP. Vlan 2 is plugged into a cable modem which doesn't have a fixed IP address. And that DHCP address does get DNS resolution.

I did also notice that I wasn't able to get an IP address from connecting switch port 0 directly into the cable modem. After quite a bit of fault finding I discovered the issue to be with Cisco using a very long Vlan2
Ethernet 0/0
Client-ID:      cisco-1cdf.0f5c.61e7-outside-ASA-5505
I managed to get round this by setting up client id to use a MAC address the cable modem was use to speaking to.

This however never got me to a place to open web pages.

I am hoping by removing this entry it will

I will post back nad let you know if its a winner!!!
0
 
LVL 3

Assisted Solution

by:chouckham
chouckham earned 167 total points
ID: 35056467
Exactly as both Irmoore and I pointed out the "route outside 0.0.0.0 0.0.0.0 192.168.1.254 1" is incorrect and should be removed.

Please let us know the outcome.
0
 

Author Comment

by:Robert_Rayworth
ID: 35071814
Hi guys basically what you both suggested was correct so how do you want me to award the points.
I have to admit the user Chouckham suggestion was clearer in that he told me exactly what to do so would it be fair to split the points????
0
 
LVL 3

Expert Comment

by:chouckham
ID: 35072279
I don't mind Robert. Split sounds good to me.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question