Solved

how do you make the other subnets access the internet?

Posted on 2015-02-11
10
108 Views
Last Modified: 2015-02-12
Hi Experts!
i have been unable to accomplish this.
i have three subnets:  test1, test2, test3
i have also created the network-objects for each of these subnets.
i can't seem to figure out how to make all three (test1, test2, test3) connect to the internet via asa5505 version 9.x on 7.x asdm.

my external ip is dynamically assigned and my local network is able to access the internet.
0
Comment
Question by:mwauki
  • 3
  • 3
  • 2
  • +2
10 Comments
 
LVL 6

Assisted Solution

by:Matt
Matt earned 225 total points
ID: 40603303
Where did you define subnets? On ASA or is behind L3 switch for internal VLANs?
0
 
LVL 20

Expert Comment

by:netcmh
ID: 40603338
The L3 switches need to have routes for each vlan to the internal interface of the ASA.
0
 
LVL 28

Assisted Solution

by:mikebernhardt
mikebernhardt earned 100 total points
ID: 40604047
If the switch has a default route to the ASA, it will be good for all vlans. So it's more likely the other way- the ASA needs to have routes to the L3 switch for the various vlans.
0
 

Author Comment

by:mwauki
ID: 40604385
I only have three default vlans due to license limitations.  no switch just asa5505.
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 40604394
Are they all being NATed? Can they connect to each other?
0
Scale it in WD Gold

With up to ten times the workload capacity of desktop drives, WD Gold hard drives employ advanced technology to deliver among the best in reliability, capacity, power efficiency and performance.

 
LVL 1

Assisted Solution

by:HospitalITGuy
HospitalITGuy earned 175 total points
ID: 40604578
Check your config on the ASA
There are 3 things I can think of
1. I'm assuming you created a subinterface for the new subnets. Check the security level. It's common to have internal interfaces set to 100, just not zero.
2. Verify How your NAT is setup. by interface, by ip address, by object-id. This will determine how you modify the NAT statements.
3. Access list permitting ingress and egress http and https traffic to and from the new subnets.

All the best
0
 

Author Comment

by:mwauki
ID: 40604906
thanks guys... is it even possible even without more vlans?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 40605007
Can you ping between hosts on different vlans? Is the problem only to the internet?
0
 
LVL 6

Accepted Solution

by:
Matt earned 225 total points
ID: 40605078
Can you post config - remove all username and password please?

On ASA 5505 you cannot have subinterface. 3 VLANs - configuration?

ASA 5505 without Security Plus allows 3 VLAN only (inside, outside, DMZ).
0
 

Author Comment

by:mwauki
ID: 40606695
thank you all.  I have rectify the issue... I used a Linksys which has vlan capable and was able to create vlans for few other subnets.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
SRX240 SYSLOG Setting 6 86
How to setup PLEX PLUS on 2 computers 2 40
Best Quad port Gigabit Network card for Hyper-V 2 74
What is CPU in "RP/0/RSP0/CPU0:router#"? 6 27
This article is a how to to configure a UCS Ethernet-uplink portchannel via the console. It is easy to do and can be done quite quickly. In certain versions of the UCS manager the portchannel has issues coming up and this is a workaround. I am…
Hi there, This article summarizes what you need if you are going to set up your home or small business Network Attached Storage (NAS) to be accessible from the internet. Of course there are configuration differences based on your NAS or router ma…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

932 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now