Hi,
What are the interface names and security levels on the ASA? Can you send
output of the command show nameif
Regards,
--
Piotr Matusiak
CCIE #19860 (R&S, Security), CCSI #33705
Technical Instructor
website: www.MicronicsTraining.com
blog: www.ccie1.com
�If you can't explain it simply, you don't understand it well enough� -
Albert Einstein
2011/1/20 Manouchehr Omari <manouchehr1979_at_gmail.com>
> Dear All,
>
> I will highly appreciate any help in this regard, one of our branches
> connected through E1 circuit with IPSec tunnel is unable to use Internet
> from HQ, Below is the topology,
>
>
>
> HQ - ASA 5510-------------E1------------------ Router - Branch ---- LAN
>
>
> ASA has interfaces,
>
> E0/0 = E1 connecting branch..
> E0/1 = HQ LAN
> E0/2 = Internet
>
> Below is the NAT and the ACL for interesting traffic config on ASA
>
> global (outside) 1 interface
> nat (inside) 1 0.0.0.0 0.0.0.0
> nat (inside) 0 access-list 101
>
> access-list 101 per ip 10.1.1.0 255.255.255.0 172.16.1.0 255.255.255.0
>
> Everything is working fine except that users in the branch unable to access
> the Internet through HQ i don't think if the NAT configuration on ASA is
> correct in order for the branch users to be able to access the internet,
> and
> also I'm not doing any NAT on branch router. Anyone with any help
> please...
>
> Kind Regards,
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Thu Jan 20 2011 - 18:57:25 ART