?
Solved

Cox Cable and ASA 5510

Posted on 2012-09-15
10
Medium Priority
?
486 Views
Last Modified: 2014-08-15
I recently moved my organization to COX cable from the T3 we had B4.  When I plug the ASA into the cable I can ping the gateway from outside INT but I get a NO EGRESS when trying to ping from inside INT.  With the T3 I had 2 serial ip's for a router inside and out both a /30.  Here they gave me just a gateway and non-contiguous block of IP's.  Need to get traffic across the inside INT to out.  No vpn or anything else setup just generic for right now.  Attaching my config.
asa-config.txt
0
Comment
Question by:rgoodman1
  • 3
  • 3
  • 2
8 Comments
 
LVL 22

Expert Comment

by:eeRoot
ID: 38403599
The interface eth0/0 IP of xxx.xxx.xxx.198 and the line "route Outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.198 1" may be conflicting.  Can you double check these addresses and make sure that the firewall is not set to route to itself?
0
 

Author Comment

by:rgoodman1
ID: 38403630
I dont see a conflict.  Everything states all traffic going out must use eth0/0.  Maybe I am missing something with what you were saying.
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38404649
your route outside
route Outside 0.0.0.0 0.0.0.0 xxx.xxx.xxx.198 1

appears to use the same address as the outside interface
ip address xxx.xxx.xxx.198 255.255.255.240

the route statement should be to a different address
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 

Author Comment

by:rgoodman1
ID: 38406033
Explain a little more please.  Should I leave the route outside off?  The way I saw it was is everything inside routes outside VIA the outside int, which has a gateway attached to it.
0
 
LVL 37

Accepted Solution

by:
ArneLovius earned 2000 total points
ID: 38406251
the route outside must be to the address of the cox gateway, not the local interface.
0
 

Author Comment

by:rgoodman1
ID: 38406301
Will try tmw as I am home now.  Still dont understand why outside int could ping the gateway but the inside could not even ping the outside much less the gateway.
0
 
LVL 37

Expert Comment

by:ArneLovius
ID: 38406357
Because the gateway was local to the outside interface, you don't need a route to reach another host on the same network, however to reach it from another network you need a route to it.
0
 
LVL 22

Expert Comment

by:eeRoot
ID: 38407456
The inside traffic needs to be redirected through the outside interface, this is what the router statement does.  The pings from the firewall itself are working, because pinging from the interface forces the traffic to go out through the outside interface.  The pings from the inside are never leaving the firewall because the route statement is pointing at the firewall.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the hope of saving someone else's sanity... About a year ago we bought a Cisco 1921 router with two ADSL/VDSL EHWIC cards to load balance local network traffic over the two broadband lines we have, but we couldn't get the routing to work consi…
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question