N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2Į1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP DTS-ASA# sh routeĬodes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGPĭ - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area If not, be sure you can ping your default-gw. Success rate is 100 percent (5/5), round-trip min/avg/max = 10/18/20 ms Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds: Hardware is EtherSVI, BW 100 Mbps, DLY 100 usec Interface Vlan2 "outside", is up, line protocol is up After you're up and running, you should be able to check the address you got from Comcast like this. Make sure you really do have the Comcast modem attached to Eth0/0. now you need fw rules, but that's a different issue WAN Validation
! to one mac (and now refuses to change it) ! on your outside Vlan, if Comcast is restricting you ! However, this illustrates how you can manually change the mac ! I don't think you need this, since it's an SMC MAC addr While you're in config mode, use this configuration. the biggest problem you have is that you're not using DHCP on the outside Vlan interface the biggest problem is that your default gw address is assigned to Vlan2. When I am able to ping 8.8.8.8, from the ASA, I'll be happy! Basic ConfigĪs others have mentioned, your configuration is "suboptimal". The "outside" vlan seems to be misconfigured, and I've tried so many permeations, that I am sure I am overlooking something major, and obvious. Link I said, I am probably missing something critical and obvious, however having a development background networking is a somewhat foreign concept. Subscribe-to-alert-group telemetry periodic dailyĬryptochecksum:86f051cb52af3d343c52cf1a222c6901 Subscribe-to-alert-group configuration periodic monthly Subscribe-to-alert-group inventory periodic monthly Policy-map type inspect dns preset_dns_mapĭestination address email transport-method http
Username cisco password ZBZ8GNEdrJsjFvsR encrypted privilege 15 No threat-detection statistics tcp-intercept Snmp-server enable traps snmp authentication linkup linkdown coldstartĬrypto ipsec security-association lifetime seconds 28800Ĭrypto ipsec security-association lifetime kilobytes 4608000 Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absoluteĭynamic-access-policy-record DfltAccessPolicy Icmp unreachable rate-limit 1 burst-size 1 Here is my ASA configuration: ASA Version 8.2(5) Here are my Comcast settings: Gateway MAC Address 78:CD:8E:D9:FB:34 When I am able to ping 8.8.8.8, from the ASA, I'll be happy! My modem has been set to bridged mode as well.
Basically it's a dead piece of hardware other than the Console. I can't get out to the internet (even using ping from the ASA), I can't "see" the ASA on the network. I have been at this for 2 days, been through countless forums and tutorials as far as configuring my ASA-5505.