Internet access problem

Discussion in 'other firewalls' started by Givenchy, Dec 15, 2011.

Thread Status:
Not open for further replies.
  1. Givenchy

    Givenchy Registered Member

    Nov 26, 2011
    Internet access problem
    Good day everyone, i need ur maximum input to my confusion on my company network.
    The genesis of the problem
    1. We have a campus network comprises of 2 core switches 1&2. 1 is use for LAN traffic while 2 is use for Wireless traffic.

    2. we have 4 distribution switches installed on four zones, zone_A, zone_B, zone_C and zone_D, trunk to the two core layer switches.

    3. zone_A has 19 vlans
    zone_B has 12 vlans
    zone_C has 12 vlans
    zone_D has 8 vlans

    4. The 4 distribution switches are trunk to their various access layer switches.

    5. We have 3 edge devices which are Cisco 2821 router, Cisco ASA 5505 and Cisco gigabit inter-connectivity switch which connect the core_1, core_2, Cisco 2821 router, and Cisco ASA 5505 together.

    6. All the users on the LAN could browse the internet when only the edge router was connected to the inter-connectivity switch.

    7. When the ASA was connected to the router and then to the inter-connectivity switch, It was observe that:
    A. Only the user on zone_A can browse the internet.
    B. The users on zone_B, zone_C and zone_D can not browse the internet. However, their computer show they are connected to the internet but when they try to browse the internet, they get page can not be display.

    I am confuse of a truth, what do you think i should do next?

    WRPC-DOVE# wr term
    : Saved
    ASA Version 8.0(4)
    hostname DOVE
    enable password 8Ry2YjIyt7RRXU24 encrypted
    passwd 2KFQnbNIdI.2KYOU encrypted
    interface GigabitEthernet0/0
    description INSIDE NETWORK
    nameif INSIDE
    security-level 100
    ip address
    ospf cost 10
    interface GigabitEthernet0/1
    nameif OUTSIDE
    security-level 0
    ip address
    ospf cost 10
    interface GigabitEthernet0/2
    no nameif
    no security-level
    no ip address
    interface GigabitEthernet0/3
    no nameif
    no security-level
    no ip address
    interface Management0/0
    nameif management
    security-level 100
    ip address
    ospf cost 10
    ftp mode passive
    same-security-traffic permit inter-interface
    same-security-traffic permit intra-interface
    pager lines 24
    logging asdm informational
    mtu INSIDE 1500
    mtu OUTSIDE 1500
    mtu management 1500
    no failover
    icmp unreachable rate-limit 1 burst-size 1
    asdm image disk0:/asdm-613.bin
    no asdm history enable
    arp timeout 14400
    global (OUTSIDE) 1 interface
    nat (INSIDE) 1 tcp 0 25
    router ospf 68
    network area 0
    network area 0
    route OUTSIDE 1
    route OUTSIDE 1
    route INSIDE 1
    timeout xlate 3:00:00
    timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
    timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
    timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
    timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
    dynamic-access-policy-record DfltAccessPolicy
    http server enable
    http INSIDE
    http management
    snmp-server host INSIDE community wrpc version 2c
    snmp-server location WARRI
    snmp-server contact WRPC
    snmp-server community wrpc
    snmp-server enable traps snmp authentication linkup linkdown coldstart
    snmp-server enable traps entity config-change fru-insert fru-remove
    snmp-server enable traps remote-access session-threshold-exceeded
    crypto ipsec security-association lifetime seconds 28800
    crypto ipsec security-association lifetime kilobytes 4608000
    telnet INSIDE
    telnet INSIDE
    telnet INSIDE
    telnet INSIDE
    telnet management
    telnet timeout 10
    ssh INSIDE
    ssh timeout 5
    console timeout 0
    dhcpd address management
    dhcpd enable management
    threat-detection basic-threat
    threat-detection statistics access-list
    no threat-detection statistics tcp-intercept
    username wrpc password EVEeHi9uvFl7rujL encrypted privilege 15
    class-map inspection_default
    match default-inspection-traffic
    policy-map type inspect dns preset_dns_map
    message-length maximum 512
    policy-map global_policy
    class inspection_default
    inspect dns preset_dns_map
    inspect ftp
    inspect h323 h225
    inspect h323 ras
    inspect rsh
    inspect rtsp
    inspect esmtp
    inspect sqlnet
    inspect skinny
    inspect sunrpc
    inspect xdmcp
    inspect sip
    inspect netbios
    inspect tftp
    inspect icmp
    service-policy global_policy global
    prompt hostname context
    : end
    Love Givenchy.
  2. HKEY1952

    HKEY1952 Registered Member

    Jul 22, 2009
    HKEY/SECURITY/ (value not set)
    Welcome to Wilders Security Forums Givenchy

    ipconfig /?

Thread Status:
Not open for further replies.