Cisco VPN :: ASA 5505 Can't Ping Any Device Internal Network

Feb 6, 2011

I'm new to this cisco 5505 and I want to carry out a task as simple as a remote access VPN, in my case I did the wizard, with time on my test, I could connect to the VPN, but I can not ping any device internal network. [code]

View 6 Replies


ADVERTISEMENT

Cisco VPN :: ASA 5505 - VPN Cannot Ping Internal Network

Nov 11, 2012

I have the connection working with my ASA 5505 but cannot ping the internal network. (Note external interface is getting the IP via DHCP)

View 4 Replies View Related

Cisco Firewall :: ASA 5505 Cannot Ping Secondary Internal Network?

Jan 15, 2012

Cisco ASA 5505 Cannot Ping Secondary Internal Network.

View 9 Replies View Related

Cisco 5505 - Cannot Ping The Laptop From The Device

Jul 21, 2011

I have a new 5505 that im trying to upgrade the IOS on. The 5505 and the laptop are connected via a 5 port switch.From the laptop i can ping the inside interface of the 5505, but i cannot ping the laptop from the 5505. As a result, my TFTP is failing.

View 5 Replies View Related

Netgear CVG824G - UnPn Device Accessible Via Public IP When On Internal Network Only

Mar 26, 2012

setup my Foscam IP cam lastnight on the Wireless network using UnPn and was able to access it fine via the public IP , using another PC on the same network with no issues. However when I tried to access it from work it doesnt connect - Is there a firewall setting that im overlooking?

FYI im using a Netgear CVG824G

View 1 Replies View Related

Cisco Firewall :: ASA 5512-X / VPN Client Is Connected But Unable To Ping Internal Network

Mar 17, 2013

I have created a VPN connection for ASA 5512-X by using the wizards and nothing seems to be wrong on the wizards's config.I am able to connect to the network by using the VPN but unable to ping internal network.Below is my config for your reference:
 
Result of the command: "sh run"
 : Saved
:
ASA Version 8.6(1)2
!
hostname FAA-ASA-1
enable password crzcsirI44h2BHoz encrypted
passwd 2KFQnbNIdI.2KYOU encrypted

[code].....

View 6 Replies View Related

Cisco Firewall :: ASA 5505 How To Map SSH From Outside Network Range To Internal

Feb 21, 2013

I have a Cisco ASA 5505 (version above) and I have someone that needs to SSH into a box behind the ASA. I'm having a few issues trying to configure this access-list and NAT. I've tried many combinations and clearly my IOS is not as good as I thought. What commands should I enter to accomplish mapping SSH from an outside network range to an internal host ?

View 5 Replies View Related

Cisco Firewall :: ASA 5505 Configuration Cannot Get To Internal Network

Jan 25, 2012

I now need to configure an ASA 5505 for a small server farm.  It's fairly straightforward:isp -> asa5505 -> internal servers,'m using static addresses -- no DHCP involved.VPN works;  I can get into the internal network.pinging from the ASA to an external address works,However, I cannot get from a laptop connected to an internal port out to the internet, either using ping or typing an address in the browser.

View 7 Replies View Related

Cisco VPN :: 5505 - Logged In VPN Can't Access DMZ From Internal Network

Apr 9, 2012

What I got is a 5505 ASA firewall and I'm connected to it via VPN.  I'm pulling an 192.168.169.x address because that's what we set their company's internet LAN to.  Which is what we want.  What I can't do while I'm VPN'd in is ping from the internet network to the DMZ, and the same when I try and ping from the DMZ to the internal network.
 
The DMZ is on a 196.0.0.x network.The internet network is 192.168.169.x network.
 
I don't need them to have internet access on the DMZ I just want to be able to access it from the internal network.  What is going on is we need them to be able to VPN into the DMZ and access their equipment.  At this point it would just make me happy to be able to ping from the internal network to the DMZ and I can figure it out from there I've setup rules and applied them and when I wasn't having success I referred back to defaults.  Right now the rules are set at default, any thing in and anything out, on both internal and DMZ.  I'm using a VPN client and going through Cisco ASDM Launcher to setup the rules and static routes, I haven't done anything with the command line.  All the research I've done everyone does it command line, I find it easier to do it GUI.  This is my first time working with an ASA firewall.

View 2 Replies View Related

Cisco Firewall :: ASA 5505 - Nat Internal Network Before Sending Over Tunnel

Oct 27, 2011

For a customer I have configured a new ASA 5505 firewall with 8.42 software. I had to build 3 ipsec tunnels to different locations and firewalls. All tunnels are working except one. I have to translate the inside network 1 to 1 to a different private range before it is sent over the tunnel. Each host from network 192.168.133.0 /24 has to be translated to a  192.168.112.0 /24 host and then sent over the tunnel. (e.g. 192.168.133.22 translated to 192.168.112.22)

View 3 Replies View Related

Cisco VPN :: 5505 - IPSec RA Connects - No Traffic To Internal Network

May 17, 2013

I have a ASA 5505, which has two IPSec RA tunnels build, for each one the user is able to authenticate  and get an IP address is the designated IP pool, but they are not able to ping the Firewall, or RDP to any internal servers. Here is a copy of the running config:
 
: Saved
:
ASA Version 7.2(2)
!
hostname ciscoasa(code)

View 1 Replies View Related

Cisco Firewall :: ASA 5505 - Connect Single Internal Network To Internet?

Aug 23, 2012

I have configured an ASA 5505 to connect a single internal network to internet, it is not working. I have attached the config

View 9 Replies View Related

Cisco Firewall :: ASA 5505 / Vendor Is Not Able To Access Devices On Internal Network

Sep 10, 2012

I have a 5505 between a vendor router & my company network, vendor is not able to access devices on internal network. I am also not able to access the firewall via asdm

View 10 Replies View Related

Why Does Router Ping Google Faster Than A Device On Network

Aug 6, 2012

When I ping google from my computer I get 0% packet loss and average ping time is 35ms. But when I ping any device on my network the time is 147ms and 25% loss. Shouldn't it ping my devices faster?

View 3 Replies View Related

Cisco Switching/Routing :: 5505 Can't Connect To Public NAT Address From Internal Network

Dec 19, 2011

I have an ASA 5505 configured with internal network, a DMZ, and a VPN on seperate subnets.  The implicit rules allow my internal client computers to connect to the web servers on the DMZ IP, but I can not connect to the public NAT address from the internal network.  I have a DNS server on my internal network and it does resolve to the public IP correctly.  NAT seems to be working correctly because if I go outside the network and connect to the public IP or qualified name then I can get to everything correctly.  I do not see any messages in the Cisco logs and the packet trace tool shows the route of http from an internal IP adddress  to the external (NATed) address is allowed.
 
Specifically, I can go to http://192.168.1.121 from the internal (192.168.0/24) network, but I can not go to http://72.22.214.121 (the NAT address) from the internal network.  If I am outside my cisco then I can go to http://72.22.214.121 easily. [code]

View 1 Replies View Related

Cisco VPN :: 3560 Cannot Ping Internal Network Via VPN Site To Site

May 30, 2012

I have the following VPN site-2-site configuration.The trouble I'm having is host 172.168.88.3 in site A is not able to ping 172.168.200.3 in site B and visa versa. Think I have added the static routes and ACLs correctly on the 3560 switches (acting as gateways) and both PIX's to access the internal networks. Host 172.168.9.3 can ping 172.168.200.3 fine.

View 3 Replies View Related

Cisco VPN :: 5505 - AnyConnect Access / Cannot Ping Devices On Private Network

Jun 11, 2012

We have configured a Cisco ASA 5505 with AnyConnect access.  This works great.  However, these users cannot seem to ping devices on the private network.  We have configured all devices on the network with a 10.10.10.0/24 address space.  The inside interface of the ASA i 10.10.10.1/24 and the VPN return addresses are 10.10.10.50 - 10.10.10.65/24.They users can utilize SSH and Oracle or MySQL calls but cannot seem to ping.   Obviously, I am over looking something.

View 2 Replies View Related

Cisco VPN :: ASA 5505 / Remote Access VPN - Unable To Access Internal Network

May 7, 2012

I have created remote access vpn in my ASA 5505. The tunnel is established but i am not able to access the internal network.

View 3 Replies View Related

External IP To Internal Device?

Sep 22, 2012

I have a checkpoint Safe@Office 500 firewall router, connected to adsl via another adsl device in bridged mode.We needed to assign an external IP to a device behind the firewall.We contacted the ISP, and now they have assigned an additional IP to our adsl account.I have read from the documentation that:"NAT can be defined automatically via the network object (Node, Network or Address Range). When you define NAT via the network object, rules are automatically added to the Address Translation Rule Base"....so I add the object, with the external IP given to us by our ISP, and the wizard simply complains that the IP address is invalid.My thoughts are that the router does not know about the additional IP provided by our ISP. If so, how do I tell the router that there are other IP addresses available to use? I have rebooted the router, and no luck.

View 1 Replies View Related

Cisco :: VPN Can't Ping Single Internal Address?

Feb 22, 2012

I'm running into a strange problem and cant seem to figure it out. I have an asa running 8.2(1). I have an ipsec vpn setup and working great. I can ping hosts on the inside of the network and everything seems to be fine. However there is one single ip address that i know for a fact is live, but i cannot ping through the vpn. If i ping the address from the asa i get a reply, if i ping the address from inside the network i get a reply, but if i ping when connected through the vpn no reply.

View 4 Replies View Related

Cisco Firewall :: Can't Ping Internal Client From Pix 515

Mar 28, 2012

I just setup my home network with Pix 515 acting as my router/firewall but I can't seem to ping my internal PC from my ASA. I can access the internet and ping my Pix 515 inside interface from my pc but I can't ping my pc from my Pix 515. I can also renew/release IP's from my PC. I also did a packet tracer and it says that it was dropped due to an access list but I have one in place. Also my switch has the default config. Below is my config
 
Internet <----> Comcast modem <-----> Pix 515 <-------> Cisco switch <-----> PC
 MYFIREWALL# sh run
: Saved

[Code].....

View 4 Replies View Related

Cisco WAN :: 2800 Internal Hosts Cannot Ping Outside

Dec 6, 2012

I'm having an issue where internal hosts cannot access the internet but I am able to ping external hosts when I console into the router. The router is a 2800 series. [code]

View 3 Replies View Related

Cisco Firewall :: ASA 5550 - Cannot Ping SITE 1 PIX From Internal IP

Oct 15, 2012

We have two networks HQ and Site1 and for some reason we can’t ping the inside IP for Site1 PIX device. We have site-site-VPN set up between the two and everything works fine except we can’t ping the Site1 PIX from internal IP. However, I can ASDM/SSH in from HQ to the external IP of the Site1 PIX. 

HQ is using an ASA 5550 (172.1.0.1) PC from HQ (172.1.64.x) Site1 is using a PIX-515E (172.2.0.1) PC from Site1 (172.2.64.x)
Ping from HQ PC to Site1 PC (172.1.64.x to 172.2.64.x) works fine
Ping from Site1 PC to HQ PC (172.2.64.x to 172.1.64.x) works fine
[code]... 

ASDM/SSH from any HQ PC to Site1 PIX internal IP (172.1.64.x to 172.2.0.1) doesn’t work
ASDM/SSH from any HQ PC to Site1 PIX external IP (172.1.64.x to Site1 external IP) works fine
 
Everything was working fine until we recently changed the outside IP address for Site1 because we switch to a different ISP. Nothing changed on the HQ ASA or Site1 PIX other than the outside IP address on Site1 PIX. I did rebuild the site-to-site VPN tunnel between Site1 and HQ.

View 5 Replies View Related

Cisco Switching/Routing :: 2621 - Unable To Ping Internal Interface

Dec 3, 2011

I've got a 2621 configured as my main gateway to the internet - right now it's obtaining a DHCP ip from a the ISP's proprietary router set to bridged mode.
 
As of now, I'm unable to ping the internal interface of the router.  I can ping external IP's only, even though I have DNS servers listed, i am unable to resolve host names.  I'm running a few servers to which people are able to connect to my web server, among other services.  I even have a crypto map setup to another 2621 across the country and can ping all internal ips on the other end... I JUST CANNOT PING THE INTERNAL INTERFACE of the router!!

I've noticed that when I ping the router during it's boot process (using linux un-interupted) I get a response in a very short window, then dies again.  I'll post my config below:
 
[code]....

View 9 Replies View Related

Cisco VPN :: ASA 5505 VPN Clients Can't Ping Router Or Other Clients On Network

Jun 18, 2012

I have a ASA5505 and it has a vpn set up. The VPN user connects using the Cisco VPN client. They can connect fine (the get an ip address from the ASA), but they can't ping the asa or any clients on the network. Here is the running config:
 
Result of the command: "show running-config"
 
: Saved
:
ASA Version 7.2(4)
!
hostname ASA
domain-name default.domain.invalid
 
[code].....

what I need to add to get the vpn client to be able to ping the router and clients?

View 3 Replies View Related

Cisco Switching/Routing :: NEXUS 7000 Octopus Internal Error In Device 78 Message?

Nov 12, 2012

NEXUS 7000 Octopus internal error in device 78 message. I got this on NEXUS 7000 logs:
 
 Nov 12 22:05:14 smale-outside : 2012 Nov 12 21:05:14 BRST: %MODULE-2-MOD_DIAG_FAIL: Module 2 (serial: JAF1548AMKB) reported failure on ports 2/1-2/32 (Ethernet) due to Octopus internal error in device 78 (device error 0xc4e0025b)
Nov 12 22:05:17 smale-outside : 2012 Nov 12 21:05:17 BRST: %MODULE-2-MOD_FAIL: Initialization of module 2 (serial: JAF1548AMKB) failed
Nov 12 22:05:18 smale-outside : 2012 Nov 12 21:05:18 BRST: %MODULE-2-MOD_FAIL: Initialization of module 2 (serial: JAF1548AMKB) failed

[code]....
 
I only have found:
 
[URL]
 
which does not match reality : No one was configuring Vlans.

View 5 Replies View Related

Cisco VPN :: ASA 5505 - Can't Connect To Internal Lans Via Vpn

Aug 11, 2011

I'm  given an ASA 5505 to configure for remote access vpn. I can establish vpn connection to the ASA 5505 but  can't  access any of the internal vlan/subnets. I configured three of the ASA  ports for connection into each of the internal subnets/vlan via a switch.Given below is my full configuration.
  
ASA5505# sh run: Saved:ASA Version 8.3(1)!enable password bLjadbVl0mgRQWih encryptedpasswd 2KFQnbNIdI.2KYOU encryptednames!interface Vlan1nameif insidesecurity-level 100ip address 192.168.1.1 255.255.255.0!interface Vlan2nameif

[Code].....

View 27 Replies View Related

Cisco :: Forward A Port On An ASA 5505 To An Internal Ip Address?

Apr 24, 2012

I have been asked to "forward a port on an ASA 5505 to an internal ip address." Sounds easy for most of you, and I thought I did it right, but I am not certain. Basically, they want it set up so that when xx.xx.xx.xx:30000 (x's = the firewall ip with port 30000) is accessed from outside, it is forwarded to an internal ip on port 30000 (xxx.xxx.x.xxx:30000)

Here is what I tried from within ASDM 6.4:

1. NAT Rules-add static NAT route:
original-Interface: inside
-Source: xx.xx.xx.xx (local ip of computer on LAN they wish to access from outside)

Translated - Interface - Use Interface IP Address

Enable PAT: Original and Translated port both set to 30000

2. Access Rule - add
Interface: Inside
Source: any
Destination: xx.xx.xx.xx (IP of Firewall)
Service: tcp/30000

View 2 Replies View Related

Cisco Firewall :: Isolate Internal Net On Port 4 Asa 5505?

Nov 20, 2011

I want to have my port 4 on the asa 5505 only allow access to the internet and not the internal network, what do i need to do?

View 1 Replies View Related

Cisco Firewall :: ASA 5505 Routing Between Internal Networks

Feb 18, 2013

I am new to Cisco ASA and have been configuring my new firewall but one thing have been bothering. I cannot get internal networks and routing between them to work as I would like to. Goal is to set four networks and control access with ACL:s between those.
 
1. Outside
2. DMZ
3. ServerNet1
4. Inside
 
ASA version is 9.1 and i have been reading on two different ways on handling IP routing with this. NAT Exempt and not configuring NAT at all and letting normal IP routing to handle internal networks. No matter how I configure, with or without NAT I cannot get access from inside network to DMZ or from ServerNet1 to DMZ. Strange thing is that I can access services from DMZ to Inside and ServerNet1 if access list allows it. For instance DNS server is on Inside network and DMZ works great using it. [code]

View 13 Replies View Related

Cisco Firewall :: Can't Access Internal Servers From Behind ASA 5505

Apr 3, 2013

I am having some trouble accessing some backup Email (Outlook Web Access) and Citrix servers located behind an ASA 5505 firewall at a remote datacentre. Simply put, when I go to the specific URL (e.g. [URL]) I do not arrive at the splash page, I just get a message saying that the server took too long to respond in the web browser. I'm wondering whether I have missed something on the configuration or the firewall itself is not letting my requests through. The remote servers are located at a remote Disaster Recovery site and use the subnet 192.168.4.0/24. I am at head office which is connected to the DR site via a VPN using 192.168.1.0/24.

[Code] .....

View 2 Replies View Related

Cisco Firewall :: Internal DNS Server Entry ASA-5505

Jan 12, 2011

I have a client in a workgroup environment. They are a small company with perhaps twenty systems. Their infrastructure consists of a Dell Switch, a Cisco ASA-5505 which hands out the DHCP and a router. And that's that.They have been using an external IP as their DNS Server to get out to the Web. However, they now want to add an internal Linux-based DNS server.In looking through the ASA-5505 today I noticed a field for DNS enteries. Is this where the IP for this new internal DNS Server (in the secondary DNS field) would go?If so, would it be necessary to reboot the ASA-5505 for this change to take effect?

View 12 Replies View Related

Cisco VPN :: ASA 5505 Cannot Passthrough PPTP To Internal Server

Feb 10, 2013

I add a new Cisco ASA 5505 as firewall in of company network. I found the PPTP authentication did not get through to internal Microsoft Server.

ASA Version 8.4(3)!names!interface Ethernet0/0switchport access vlan 2!interface Ethernet0/1switchport access vlan 2!interface Ethernet0/2!interface Ethernet0/3!interface Ethernet0/4!interface Ethernet0/5!interface Ethernet0/6!interface Ethernet0/7!interface Vlan1nameif insidesecurity-level 100ip
[Code]....

View 4 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved