Sign in with
Sign up | Sign in
Your question

I cant ping from Inside to DMZ and outside

April 11, 2011 11:08:44 AM

Hello, Hello everyone out there again. hope u guys r doing great. First of i would like to once again thank Shane Madden and GregD, for pushing me on with this new post, for redoing again this post and simply ask or post questions asking for help with specific problems and for advising me as well to post a clear, readable Asa Show Run.......Now long story made short. Im busy configuring my cisco Asa 5520 version 7 and bellow is the show run of the machine: ASA2> ASA2> en Password: ASA2# sh run : Saved : ASA Version 7.0(8) ! hostname xxxxxxxxxx domain-name parlamento.ao enable password xxxxxxxxxx encrypted passwd xxxxxxxxxxx encrypted names dns-guard ! interface GigabitEthernet0/0 description "Link-To-GW-Router" nameif outside security-level 0 ip address 41.223.156.109 255.255.255.248 ! interface GigabitEthernet0/1 description Link To Local Lan nameif inside security-level 100 ip address 10.1.4.1 255.255.252.0 ! interface GigabitEthernet0/2 description "Link-T nameif dmz security-level 50 ip address 172.16.16.1 255.255.255.0 ! interface GigabitEthernet0/3 shutdown no nameif no security-level no ip address ! interface Management0/0 shutdown no nameif no security-level no ip address ! ftp mode passive access-list OUTSIDE-IN extended permit tcp any host 100.1.1.1 eq smtp access-list OUTSIDE-IN extended permit tcp any host 100.1.1.2 eq www access-list DMZ-IN extended deny ip any any log access-list DMZ_IN extended permit ip any any pager lines 24 mtu outside 1500 mtu inside 1500 mtu dmz 1500 no failover asdm image disk0:/asdm-508.bin no asdm history enable arp timeout 14400 global (outside) 1 100.1.1.2-100.1.1.254 netmask 255.255.255.0 nat (inside) 1 10.1.4.0 255.255.252.0 static (dmz,outside) 100.1.1.1 172.16.16.25 netmask 255.255.255.255 static (dmz,outside) 100.1.1.2 172.16.16.80 netmask 255.255.255.255 access-group OUTSIDE-IN in interface outside access-group DMZ-IN in interface dmz route outside 0.0.0.0 0.0.0.0 41.223.156.108 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 timeout mgcp-pat 0:05:00 sip 0:30:00 sip_media 0:02:00 timeout uauth 0:05:00 absolute username tchipa password JUU.kVt2Und.Vd23 encrypted privilege 15 http server enable http 10.1.4.0 255.255.252.0 inside no snmp-server location no snmp-server contact snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 telnet timeout 5 ssh timeout 5 console timeout 0 ! class-map inspection_default match default-inspection-traffic ! ! policy-map global_policy class inspection_default inspect dns maximum-length 512 inspect ftp inspect h323 h225 inspect h323 ras

More about : ping inside dmz

!