Hi all I've just started my experiance with ASA, read a lot but still can't make it to put traffick through. Can anyone help me? I have got as follows:
Router: eth0 - public IP connected to the internet eth1 - private IP 10.10.10.1/24
ASA: Eth0/0 connected to eth1 router Eth0/1 connected to cisco switch with trunk encapsulation dot1q - vlan
10Config:
interface Ethernet 0/0 nameif outside security-level 0 ip address 10.10.10.2/24 !
interface Ethernet 0/1 no nameif no security-level no ip address !
inteface Ethernet 0/1.10 vlan 10 nameif dmz security-level 50 ip address 10.1.1.1 255.255.255.0 !
I can ping from ASA computers connected to vlan 10 an from computers to interface 10.1.1.1, default gateway on computers is 10.1.1.1
On ASA I also set: ! nat-control global (outside) 1 interface nat (dmz) 0 10.1.1.0 255.255.255.0 ! route outside 0.0.0.0 0.0.0.0 10.1.1.1 1 ! access-list out2in permit ip any any access-group out2in in interface outside ! class-map inspection_default match default-inspection-traffic ! policy-map global_policy class inspection_default inspect dns maximum-length 512 inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect esmtp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp ! service-policy global_policy global
What ele do I have to do to make it work I can't ping 10.10.10.1,2 etc. and anything what is behind outside interface. Mike