It is currently Wed Sep 08, 2010 1:40 am

View unanswered posts | View active topics


Board index » GNS3 » General Issues

All times are UTC




Post new topic Reply to topic  Page 1 of 1
  [ 7 posts ] 
  Print view Previous topic | Next topic 
Author Message
eXPlosion
 Post subject: How to comunicate ASA with real network?
PostPosted: Sun Mar 07, 2010 12:05 am 
Offline

Joined: Sat Feb 06, 2010 1:24 pm
Posts: 20
Hi,
Here is my simple ASA topology
Image
I want to ping internet through ASA firewall like in this tutorial http://www.blindhog.net/tutorials/gns-p ... al-fw.html. But i can only ping 192.168.1.1 interface from pc. From ASA i can ping only loopback interface. Why cann't I ping wireless NIC or internet? I have turned off firewall and antivirus protection.
I need your help. Thanks.
Top
 Profile E-mail  
 
kaage
 Post subject: Re: How to comunicate ASA with real network?
PostPosted: Sun Mar 07, 2010 7:02 pm 
Offline

Joined: Mon Oct 13, 2008 11:26 am
Posts: 742
Location: Finland
It seems that you have routing problem. What is the mask for outside interface? Is it /24 ? If yes then you cannot use default gw 10.0.0.1 on ASA. In this case you have to use your host pc as a router.

_________________
Br,
Kaage
Image Image

Top
 Profile  
 
eXPlosion
 Post subject: Re: How to comunicate ASA with real network?
PostPosted: Sun Mar 07, 2010 7:48 pm 
Offline

Joined: Sat Feb 06, 2010 1:24 pm
Posts: 20
kaage wrote:
It seems that you have routing problem. What is the mask for outside interface? Is it /24 ? If yes then you cannot use default gw 10.0.0.1 on ASA. In this case you have to use your host pc as a router.


Yes, it is /24 mask. I know it is not typical that gateway is on the different subnet than wireless nic. But i don't know other gateway than 10.0.0.1, because this router is ISP's router and not at my home :) Also it seems I do not understand your last sentence. What do you mean by saying host pc?
Thanks.
Top
 Profile E-mail  
 
Shaners
 Post subject: Re: How to comunicate ASA with real network?
PostPosted: Sun Mar 07, 2010 8:59 pm 
Offline

Joined: Fri Mar 05, 2010 11:02 am
Posts: 6
eXPlosion wrote:
kaage wrote:
It seems that you have routing problem. What is the mask for outside interface? Is it /24 ? If yes then you cannot use default gw 10.0.0.1 on ASA. In this case you have to use your host pc as a router.


Yes, it is /24 mask. I know it is not typical that gateway is on the different subnet than wireless nic. But i don't know other gateway than 10.0.0.1, because this router is ISP's router and not at my home :) Also it seems I do not understand your last sentence. What do you mean by saying host pc?
Thanks.


You can't use 10.0.0.1 as a default route as it's on a different subnet, the ASA isn't aware of this subnet so it won't work.

Is the gateway address on your wireless nic 10.0.0.1?

_________________
Image Image

Top
 Profile E-mail  
 
eXPlosion
 Post subject: Re: How to comunicate ASA with real network?
PostPosted: Mon Mar 08, 2010 11:17 am 
Offline

Joined: Sat Feb 06, 2010 1:24 pm
Posts: 20
Shaners wrote:

Is the gateway address on your wireless nic 10.0.0.1?


Yes it is.
Top
 Profile E-mail  
 
kaage
 Post subject: Re: How to comunicate ASA with real network?
PostPosted: Mon Mar 08, 2010 2:21 pm 
Offline

Joined: Mon Oct 13, 2008 11:26 am
Posts: 742
Location: Finland
In this case you need to think that your computer is a router. On asa you need to set default GW towards your computers IP address on subnet 10.0.82.0/24. Then ASA is able to send packets to your computer and your computer knows default route towards wireless router etc.

Well, you have to think returning packet also. Your wireless router needs to know where are networks 192.168.1.0/24 and 10.0.82.0/24. So you need to setup static routes for these networks on wireless router towards your computers address 10.0.0.x. If you are doing NAT on ASA this should be enough. If you aren't you have to do static routing on your computer also.

_________________
Br,
Kaage
Image Image

Top
 Profile  
 
eXPlosion
 Post subject: Re: How to comunicate ASA with real network?
PostPosted: Mon Mar 08, 2010 5:24 pm 
Offline

Joined: Sat Feb 06, 2010 1:24 pm
Posts: 20
kaage wrote:
In this case you need to think that your computer is a router. On asa you need to set default GW towards your computers IP address on subnet 10.0.82.0/24. Then ASA is able to send packets to your computer and your computer knows default route towards wireless router etc.


Well, actually my computer doesn't know default route toward wireless because i removed default gateway from wireless nic, because my default GW is loopback in this case

kaage wrote:
Well, you have to think returning packet also. Your wireless router needs to know where are networks 192.168.1.0/24 and 10.0.82.0/24. So you need to setup static routes for these networks on wireless router towards your computers address 10.0.0.x. If you are doing NAT on ASA this should be enough. If you aren't you have to do static routing on your computer also.

The problem is that wireless router is not at my home, it's IPS's router.

I think i will try to use wired connection in upcoming week and i will post the results.
Top
 Profile E-mail  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 7 posts ] 

Board index » GNS3 » General Issues

All times are UTC


Who is online

Users browsing this forum: No registered users and 0 guests

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

phpBB SEO