Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 119
  • Last Modified:

how do you make the other subnets access the internet?

Hi Experts!
i have been unable to accomplish this.
i have three subnets:  test1, test2, test3
i have also created the network-objects for each of these subnets.
i can't seem to figure out how to make all three (test1, test2, test3) connect to the internet via asa5505 version 9.x on 7.x asdm.

my external ip is dynamically assigned and my local network is able to access the internet.
0
mwauki
Asked:
mwauki
  • 3
  • 3
  • 2
  • +2
4 Solutions
 
MattCommented:
Where did you define subnets? On ASA or is behind L3 switch for internal VLANs?
0
 
netcmhCommented:
The L3 switches need to have routes for each vlan to the internal interface of the ASA.
0
 
mikebernhardtCommented:
If the switch has a default route to the ASA, it will be good for all vlans. So it's more likely the other way- the ASA needs to have routes to the L3 switch for the various vlans.
0
Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

 
mwaukiAuthor Commented:
I only have three default vlans due to license limitations.  no switch just asa5505.
0
 
mikebernhardtCommented:
Are they all being NATed? Can they connect to each other?
0
 
HospitalITGuyCommented:
Check your config on the ASA
There are 3 things I can think of
1. I'm assuming you created a subinterface for the new subnets. Check the security level. It's common to have internal interfaces set to 100, just not zero.
2. Verify How your NAT is setup. by interface, by ip address, by object-id. This will determine how you modify the NAT statements.
3. Access list permitting ingress and egress http and https traffic to and from the new subnets.

All the best
0
 
mwaukiAuthor Commented:
thanks guys... is it even possible even without more vlans?
0
 
mikebernhardtCommented:
Can you ping between hosts on different vlans? Is the problem only to the internet?
0
 
MattCommented:
Can you post config - remove all username and password please?

On ASA 5505 you cannot have subinterface. 3 VLANs - configuration?

ASA 5505 without Security Plus allows 3 VLAN only (inside, outside, DMZ).
0
 
mwaukiAuthor Commented:
thank you all.  I have rectify the issue... I used a Linksys which has vlan capable and was able to create vlans for few other subnets.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now