Hi,
I have a problem to access Internet from inside host.
My internet settings are:
Range 89.215.168.64 - 127
Mask 255.255.255.192
Gateway 89.215.168.65
DNS 217.9.224.2; 217.9.224.3
The following is my configuration of the firewall:
ASA Version 7.2(2)
sh run
: Saved
:
ASA Version 7.2(2)
!
hostname DarrkoEOOD
domain-name default.domain.invalid
enable password my encrypted
names
!
interface Vlan1
nameif inside
security-level 50
ip address 89.215.168.65 255.255.255.192
!
interface Vlan2
nameif Evrokom
security-level 90
ip address 89.215.174.66 255.255.255.252
!
interface Vlan3
description Evrocom-DNS_Blackhole
nameif DNS
security-level 0
ip address 10.0.0.1 255.255.255.252
!
interface Ethernet0/0
description LAN
!
interface Ethernet0/1
description Evrokom
switchport access vlan 2
!
interface Ethernet0/2
description Evrocom-DNS_Blackhole
switchport access vlan 3
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
passwd my encrypted
ftp mode passive
clock timezone EEDT 2
clock summer-time EEDT recurring last Sun Mar 3:00 last Sun Oct 3:00
dns server-group DefaultDNS
domain-name default.domain.invalid
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
access-list IPSAllowedOutsideInterface extended permit ip host 71.169.2.10 any
access-list IPSAllowedOutsideInterface extended permit ip host 72.89.63.208 any
access-list IPSAllowedOutsideInterface extended permit ip 69.64.222.0 255.255.255.0 any
access-list IPSAllowedOutsideInterface extended permit ip host 77.85.217.18 any
access-list IPSAllowedOutsideInterface extended permit ip host 62.204.140.9 any
access-list IPSAllowedOutsideInterface extended permit tcp 213.226.0.0 255.255.0.0 any eq ssh
access-list IPSAllowedOutsideInterface extended deny tcp any any eq 3389
access-list IPSAllowedOutsideInterface extended deny tcp any any eq ssh
access-list IPSAllowedOutsideInterface extended permit ip any any
pager lines 24
logging timestamp
logging buffer-size 1048576
logging buffered debugging
logging asdm informational
mtu inside 1500
mtu Evrokom 1500
mtu DNS 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp permit any inside
icmp permit any Evrokom
asdm image disk0:/asdm-522.bin
no asdm history enable
arp timeout 14400
global (Evrokom) 10 interface
nat (inside) 10 89.215.168.64 255.255.255.192
access-group IPSAllowedOutsideInterface in interface inside
access-group IPSAllowedOutsideInterface out interface inside
access-group IPSAllowedOutsideInterface in interface Evrokom
access-group IPSAllowedOutsideInterface out interface Evrokom
route Evrokom 0.0.0.0 0.0.0.0 89.215.174.65 1 track 1
route Evrokom 217.9.224.2 255.255.255.255 89.215.174.65 1 track 2
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:20:00 udp 1:00:00 icmp 0:00:05
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
username admin password rj3RJA7.tmoyw8bB encrypted privilege 15
username thegrave password my encrypted privilege 15
aaa authentication ssh console LOCAL
http server enable
http 62.204.140.9 255.255.255.255 Evrokom
http 213.226.0.0 255.255.255.0 Evrokom
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
sla monitor 1
type echo protocol ipIcmpEcho 206.190.56.229 interface Evrokom
num-packets 5
request-data-size 48
timeout 8000
frequency 30
sla monitor schedule 1 life forever start-time now
service resetinbound interface inside
!
track 1 rtr 1 reachability
!
track 2 rtr 2 reachability
telnet timeout 5
ssh 72.89.63.208 255.255.255.255 Evrokom
ssh 213.226.0.0 255.255.0.0 Evrokom
ssh 67.85.83.39 255.255.255.255 Evrokom
ssh 62.204.140.9 255.255.255.255 Evrokom
ssh 77.85.217.18 255.255.255.255 Evrokom
ssh timeout 5
ssh version 2
console timeout 0
dhcpd lease 32000
!
dhcpd address 89.215.168.66-89.215.168.125 inside
dhcpd dns 217.9.224.2 212.39.90.42 interface inside
dhcpd enable inside
!
!
!
ntp server 129.6.15.29 source Evrokom
ntp server 129.6.15.28 source Evrokom prefer
prompt hostname context
Cryptochecksum:1ac6d4d29acbcceab6b86a84561bb346
: end
Hi
I got the Bravia KDL-40EX713 and the uwa-br100 I had massive problems getting it to work with a BT home hub. Eventually I found manual setting that work. Firstly I logged on to the router and went the the advanced settings bit, then I went to the DHCP table that shows all the devices connected. I picked an unused Ip address from the range of existing ones being used (this sort of thing 192.168.1.73)
I then used the following settings for the other fields (I don't think the secondary dns setting is right but it still works)
ip 192.168.1.73
sn mask 255.255.255.0
default gateway 192.168.1.254
primary dns 192.168.1.254
secondary dns 192.168.22.23
If the DNS server ip is wrong then you get local access OK but internet access failed.
Hope this helps.
Ian
1,274 views
Usually answered in minutes!
×