how do you make the other subnets access the internet?

Hi Experts!
i have been unable to accomplish this.
i have three subnets:  test1, test2, test3
i have also created the network-objects for each of these subnets.
i can't seem to figure out how to make all three (test1, test2, test3) connect to the internet via asa5505 version 9.x on 7.x asdm.

my external ip is dynamically assigned and my local network is able to access the internet.
mwaukiAsked:
Who is Participating?
 
MattConnect With a Mentor Commented:
Can you post config - remove all username and password please?

On ASA 5505 you cannot have subinterface. 3 VLANs - configuration?

ASA 5505 without Security Plus allows 3 VLAN only (inside, outside, DMZ).
0
 
MattConnect With a Mentor Commented:
Where did you define subnets? On ASA or is behind L3 switch for internal VLANs?
0
 
netcmhCommented:
The L3 switches need to have routes for each vlan to the internal interface of the ASA.
0
The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

 
mikebernhardtConnect With a Mentor Commented:
If the switch has a default route to the ASA, it will be good for all vlans. So it's more likely the other way- the ASA needs to have routes to the L3 switch for the various vlans.
0
 
mwaukiAuthor Commented:
I only have three default vlans due to license limitations.  no switch just asa5505.
0
 
mikebernhardtCommented:
Are they all being NATed? Can they connect to each other?
0
 
HospitalITGuyConnect With a Mentor Commented:
Check your config on the ASA
There are 3 things I can think of
1. I'm assuming you created a subinterface for the new subnets. Check the security level. It's common to have internal interfaces set to 100, just not zero.
2. Verify How your NAT is setup. by interface, by ip address, by object-id. This will determine how you modify the NAT statements.
3. Access list permitting ingress and egress http and https traffic to and from the new subnets.

All the best
0
 
mwaukiAuthor Commented:
thanks guys... is it even possible even without more vlans?
0
 
mikebernhardtCommented:
Can you ping between hosts on different vlans? Is the problem only to the internet?
0
 
mwaukiAuthor Commented:
thank you all.  I have rectify the issue... I used a Linksys which has vlan capable and was able to create vlans for few other subnets.
0
All Courses

From novice to tech pro — start learning today.