• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 122
  • Last Modified:

how do you make the other subnets access the internet?

Hi Experts!
i have been unable to accomplish this.
i have three subnets:  test1, test2, test3
i have also created the network-objects for each of these subnets.
i can't seem to figure out how to make all three (test1, test2, test3) connect to the internet via asa5505 version 9.x on 7.x asdm.

my external ip is dynamically assigned and my local network is able to access the internet.
0
mwauki
Asked:
mwauki
  • 3
  • 3
  • 2
  • +2
4 Solutions
 
MattCommented:
Where did you define subnets? On ASA or is behind L3 switch for internal VLANs?
0
 
netcmhCommented:
The L3 switches need to have routes for each vlan to the internal interface of the ASA.
0
 
mikebernhardtCommented:
If the switch has a default route to the ASA, it will be good for all vlans. So it's more likely the other way- the ASA needs to have routes to the L3 switch for the various vlans.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
mwaukiSystems EngineerAuthor Commented:
I only have three default vlans due to license limitations.  no switch just asa5505.
0
 
mikebernhardtCommented:
Are they all being NATed? Can they connect to each other?
0
 
HospitalITGuyCommented:
Check your config on the ASA
There are 3 things I can think of
1. I'm assuming you created a subinterface for the new subnets. Check the security level. It's common to have internal interfaces set to 100, just not zero.
2. Verify How your NAT is setup. by interface, by ip address, by object-id. This will determine how you modify the NAT statements.
3. Access list permitting ingress and egress http and https traffic to and from the new subnets.

All the best
0
 
mwaukiSystems EngineerAuthor Commented:
thanks guys... is it even possible even without more vlans?
0
 
mikebernhardtCommented:
Can you ping between hosts on different vlans? Is the problem only to the internet?
0
 
MattCommented:
Can you post config - remove all username and password please?

On ASA 5505 you cannot have subinterface. 3 VLANs - configuration?

ASA 5505 without Security Plus allows 3 VLAN only (inside, outside, DMZ).
0
 
mwaukiSystems EngineerAuthor Commented:
thank you all.  I have rectify the issue... I used a Linksys which has vlan capable and was able to create vlans for few other subnets.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 3
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now