Can't Ping Outside Cisco 3550

I have a Cisco 3550 running (C3550-IPBASEK9-M), Version 12.2(25)SEE3) and it is connected to a Cisco ASA 5505 on one uplink, and behind it i have a port channel to a cisco 2950. Now, from every device on the network i am able to ping anything on the Internet (all servers, workstations, ASA, and even the other switch behind the 3550). On the 3550 i can ping all devices internally, but nothing on the internet, it doesnt seem like it cant go outside to the Internet at all. Am i missing something? So far the network is running fine with no issues.
LVL 4
Cobra25Asked:
Who is Participating?
 
Cobra25Author Commented:
I resolved the issue. It was the NAT as i suspected.
0
 
FideliusCommented:
Hello,

What is default gateway on Cisco 3550?
Can you ping Cisco 3550 from ASA?
Do you have Cisco 3350 IP addres blocked on ASA by inside ACL?
Do you have  Security Plus license on ASA 5505?
How many interfaces are you using on ASA? Just outside and inside? Or also DMZ.

Regards!
0
 
Cobra25Author Commented:
Default gateway is the ASA.
Yes can ping 3550 from ASA.
Do not have it blocked by ACL inside.
No base licesnse.
Just inside and outside, super simple.
0
Network Scalability - Handle Complex Environments

Monitor your entire network from a single platform. Free 30 Day Trial Now!

 
Istvan KalmarHead of IT Security Division Commented:
Hi,

please show the configs
0
 
Cobra25Author Commented:
i think i figured out the issue, theres an issue with the NAT on the ASA. Will post back
0
 
Istvan KalmarHead of IT Security Division Commented:
ok
0
 
Istvan KalmarHead of IT Security Division Commented:
you able to view the problem on the ASA ASDM monitor function live
0
 
Cobra25Author Commented:
how so?
0
 
Istvan KalmarHead of IT Security Division Commented:
here is that you need:)

http://www.cisco.com/en/US/docs/security/asdm/6_1/user/guide/mon_log.html

go to ASDM --> MONITORING --> LOGGING --> VIEW...
0
 
Feroz AhmedSenior Network EngineerCommented:
Hi,

you can configure ACL on firewall from inside to outside as below :

ASA(config-t)#Access-list 101 permit icmp any any ech-reply
ASA(Config-t)#policy-map global_policy
ASA(Config-t)#ICMP enable

and check you should be able to ping and connect to outside network.
0
 
Feroz AhmedSenior Network EngineerCommented:
ASA(Config)#Inspect ICMP
0
 
Cobra25Author Commented:
Resolved issue on my own.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.