asa routing


where is my bug? I can't reach the outside interface from the inside... i must build it without nat.

interface inside sec-level 50 interface outside sec-level 0 route 0 0 123.12.20

access-list nonat extended permit any any nat (inside) 0 access-list nonat

thx for help

Reply to
Loading thread data ...

Can you explain further what you want to do, there is very little information to go on here.

If you are trying to ping the outside interface from the inside you won't be able to.

Also this seems like a typo 'route 0 0 123.12.20'

You have not entered the correct address properley. Also your outside interface is /24 so if your default route is to

123.12.20.X /24 this is on a different network.



Reply to
Darren Green

I hope u have ASA with IOS 7.X Did you enabled Management access ?

Reply to

Am Fri, 16 Nov 2007 09:39:40 -0800 schrieb CK:

Hello together,

i can't get from inside interface to outside. Now i've configured with "no nat-control" and the route is "route outside 0 0".

ASA IOS 7.01 and Management access is enabled!

Reply to

Like some previously mentioned that route 0 0 statement does not route to a known network.

Also, I always find pings to be bad tests through firewalls. As you may know a high security level interface can talk freely through a lower level interface by default. By defaul the lower level interface is denied access through the lower security level interface. I'd log the traffic when doing a ping. I'd be willing to bet that you'll need an ACL for outside_access_in for this to work.

Reply to
CeykoVer Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.