How to allow access to VLAN from outside (ASA and 881)

I have two Cisco routers ASA5510 and 881.
881 has two vlans, VLAN1 and VLAN2. VLAN1 is on 10.10.25.0 sub-net and computers from VLAN1 can communicate and authenticate to 10.10.0.88 which is a domain server.
How can I configure 881 so it will allow communication the other way around? If I try to ping VLAN1 or access the  computer (10.10.25.10) from 10.10.0.88 i am unable to do it.

Please check the attached txt with 881 config and the image with network layout.

Thank you for your help.
881-config.txt
network-layout.png
kesermAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

ddiazpCommented:
Easy right off the bat:

Your 10.10.0.88 host probably does not have a route to 192.168.1.0/24, make sure you have that route on your ASA:


ip route 192.168.1.0 255.255.255 10.10.0.2

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Don S.Commented:
The ASA is not a router.  It is a firewall and as such, it likely would have rules not allowing ping to go through in that direction.  check the rules in the asa to see what is explicitly allowed through.
kesermAuthor Commented:
Thanks for the reply!

ddiazp

Did you mean:
ip route 10.10.25.0 255.255.255 10.10.0.2

I'll have to wait until morning to make the change.
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

ddiazpCommented:
255.255.255.0....
 and yeah i jimped a bit too ahead of myself, make sure icmp echo and echo reply are allowed on the firewall
kesermAuthor Commented:
ASA does not allow 'ip route' command, I get:
'Invalid input detected at '^' marker.'

This is in production so I can't play much wit it. Should I use:

route inside 10.10.25.0 255.255.0 10.10.0.2
kesermAuthor Commented:

ASA:
'route inside 10.10.25.0 255.255.0 10.10.0.2' worked.


It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Routers

From novice to tech pro — start learning today.