Hurricane Electric's IPv6 Tunnel Broker Forums

Advanced search  

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Author Topic: Compete newb needs help with cisco ASA  (Read 16421 times)

seandiviney

  • Newbie
  • *
  • Posts: 7
Compete newb needs help with cisco ASA
« on: January 14, 2011, 04:52:23 AM »

I am unable to setup regular tunnel.

Using ASA 5520 I have NAT'ed one of my public addresses to my PC, enabled ICMP both inbound and outbound, permitted protocol 41 both inbound and outbound (assume this is not required for the system to recognise I have an endpoint).

My intention would be to tunnel from my PC and not the firewall.

Wondering where I am going wrong or if I should be talking to my ISP and getting them to look at their router.

Any suggestions?

Thanks, Sean.
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2714
Re: Compete newb needs help with cisco ASA
« Reply #1 on: January 14, 2011, 05:10:44 AM »

A couple.

What code version are you running on the ASA?

Are you forwarding all traffic to the ASA?  (EG, if your public address is 1.2.3.4 and your nat address is 192.168.1.2, you're forwarding all traffic inside)

The reason I ask is because if you have multiple public IP addresses, this becomes MUCH easier
Logged

seandiviney

  • Newbie
  • *
  • Posts: 7
Re: Compete newb needs help with cisco ASA
« Reply #2 on: January 14, 2011, 05:21:31 AM »

Version 8.2(2)

Yes all traffic:
static (inside,Outside) 82.20.x.x 192.168.254.250 netmask 255.255.255.255

Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2714
Re: Compete newb needs help with cisco ASA
« Reply #3 on: January 14, 2011, 05:23:57 AM »

8.3.x makes this easier, but you need a large ram upgrade.

What does the rest of your code look like?
Logged

seandiviney

  • Newbie
  • *
  • Posts: 7
Re: Compete newb needs help with cisco ASA
« Reply #4 on: January 14, 2011, 05:33:29 AM »

My very lazy acl for icmp and protocol 41

access-list inside_access_in extended permit ip host 192.168.254.250 any log warnings
access-list inside_access_in extended permit 41 any any log warnings

access-list outside_access_in extended permit icmp any any log warnings
access-list outside_access_in extended permit 41 any any

Do you need more, I will work on sanitising the full code.
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2714
Re: Compete newb needs help with cisco ASA
« Reply #5 on: January 14, 2011, 05:52:44 AM »

When I talked to Cisco about their 8.2.x code, you could not forward a protocol, only ports, which is why I asked if you were forwarding all IP traffic.

Something like

Code: [Select]
access-list outside_access_in extended permit ip any host 82.20.x.x.x any any
Logged

seandiviney

  • Newbie
  • *
  • Posts: 7
Re: Compete newb needs help with cisco ASA
« Reply #6 on: January 14, 2011, 06:02:08 AM »

this line:
access-list outside_access_in extended permit 41 any any
should allow the protocol 41 traffic

I have never had problems forwarding protocol 50 and 51 on my other ASA so would have imagined this to be similar, I could understand not being able to do it if I where trying to PAT.

But I assume the problem im having is before this would even come into play. The website pretty much says to ensure icmp connectivity at this stage:
Error: Your IPv4 endpoint is unreachable or unstable. Please make sure ICMP is not blocked. If you are blocking ICMP, please allow 66.220.2.74 through your firewall.
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2714
Re: Compete newb needs help with cisco ASA
« Reply #7 on: January 14, 2011, 06:09:28 AM »

Oh, I didn't know you were having problems with ping ;)

I guess at this point I'd need to see the rest of the config. 
Logged

seandiviney

  • Newbie
  • *
  • Posts: 7
Re: Compete newb needs help with cisco ASA
« Reply #8 on: January 14, 2011, 06:13:53 AM »

dns-guard
!
interface GigabitEthernet0/0
 shutdown
 nameif outsideold
 security-level 0
 ip address *
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 192.168.254.35 255.255.255.0
!
interface GigabitEthernet0/2
 description * internet connection
 speed 100
 duplex full
 nameif Outside
 security-level 0
 ip address 82.20.X.X 255.255.255.224
!
interface GigabitEthernet0/3
 shutdown
 nameif Maxbond
 security-level 20
 ip address *
!
interface Management0/0
 shutdown
 no nameif
 no security-level
 no ip address
!
boot system disk0:/asa822-k8.bin
boot system disk0:/asa804-k8.bin
ftp mode passive
clock timezone GMT/BST 0
clock summer-time GMT/BDT recurring last Sun Mar 1:00 last Sun Oct 2:00
dns domain-lookup inside
dns server-group DefaultDNS
 name-server 192.168.245.245
 domain-name *
same-security-traffic permit intra-interface
-cut  object groups-
access-list NTLOutside_cryptomap_89 extended permit ip host 192.168.245.89 192.168.203.0 255.255.255.240
-cut nat0-
access-list NTLOutside_cryptomap_17 extended permit ip host 192.168.245.89 192.168.202.112 255.255.255.240
access-list NTLOutside_cryptomap_76 extended permit ip host 192.168.245.89 192.168.202.96 255.255.255.240
access-list Homeworker03_ACL remark *
access-list Homeworker03_ACL extended permit ip any host 192.168.245.89
access-list NTLOutside_cryptomap_100 extended permit ip host 192.168.245.89 192.168.203.176 255.255.255.240
access-list NTLOutside_cryptomap_73 extended permit ip host 192.168.245.89 192.168.202.64 255.255.255.240
access-list Homeworker05_ACL remark *
access-list Homeworker05_ACL extended permit tcp any host 192.168.230.20 object-group DM_INLINE_TCP_4
access-list Homeworker05_ACL extended permit udp any object-group DM_INLINE_NETWORK_1 eq domain
access-list NTLOutside_cryptomap_96 remark To stay on this line
access-list NTLOutside_cryptomap_96 extended permit ip host 192.168.245.89 192.168.203.160 255.255.255.240
access-list Homeworker04_ACL extended permit tcp any object-group DM_INLINE_NETWORK_39 eq 3389
access-list NTLOutside_cryptomap_80 extended permit ip host 192.168.245.89 192.168.202.176 255.255.255.240
access-list NTLOutside_cryptomap_1 extended permit ip host 192.168.245.89 192.168.202.0 255.255.255.240
access-list inside_access_in extended permit icmp host 192.168.245.20 any object-group DM_INLINE_ICMP_4 log
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended permit ip 192.168.208.0 255.255.255.0 any
access-list inside_access_in extended permit ip 192.168.209.0 255.255.255.0 any
access-list inside_access_in extended permit ip host 192.168.250.222 any log warnings
access-list inside_access_in extended permit ip host 192.168.254.250 192.168.208.0 255.255.255.0
access-list inside_access_in extended permit ip host 192.168.254.248 any
access-list inside_access_in extended permit ip host 192.168.254.249 any
access-list inside_access_in extended permit icmp host 192.168.254.250 any log warnings
access-list inside_access_in extended permit ip host 192.168.254.250 any log warnings
access-list inside_access_in extended permit 41 any any log warnings
access-list inside_access_in extended permit icmp any any object-group DM_INLINE_ICMP_2 log inactive
access-list inside_access_in extended permit udp host 192.168.245.183 192.168.208.0 255.255.255.0
access-list inside_access_in remark *
access-list inside_access_in extended permit tcp host 192.168.110.10 host 195.171.110.175 eq ssh
access-list inside_access_in remark *
access-list inside_access_in extended permit tcp host 192.168.245.61 host 195.171.110.175 eq 20025
access-list inside_access_in extended permit tcp any any eq telnet
access-list inside_access_in extended permit tcp any any eq ssh
access-list inside_access_in extended permit tcp any any eq www
access-list inside_access_in extended permit tcp any any eq https
access-list inside_access_in extended permit tcp any any eq domain
access-list inside_access_in extended permit udp any any eq domain
access-list inside_access_in extended permit tcp any any eq ftp
access-list inside_access_in remark *
access-list inside_access_in extended permit ip any 192.168.202.0 255.255.255.0
access-list inside_access_in remark *
access-list inside_access_in extended permit ip any 192.168.203.0 255.255.255.0
access-list inside_access_in remark SNMP v3 monitoring
access-list inside_access_in extended permit udp host 192.168.245.20 object-group DM_INLINE_NETWORK_15 eq snmp
access-list Homeworker00_ACL extended permit ip any any
access-list NTLOutside_cryptomap_78 extended permit ip host 192.168.245.89 192.168.202.144 255.255.255.240
access-list NTLOutside_cryptomap_93 extended permit ip host 192.168.245.89 192.168.203.64 255.255.255.240
access-list NTLOutside_cryptomap_95 extended permit ip host 192.168.245.89 192.168.203.96 255.255.255.240
access-list NTLOutside_cryptomap_32 remark Difficult to move
access-list NTLOutside_cryptomap_32 extended permit ip host 192.168.245.89 192.168.203.80 255.255.255.240
access-list Maxbond_access_in extended permit icmp any any log
access-list Maxbond_access_in extended permit ip any any log
access-list Maxbond_access_in_1 extended permit icmp any host 192.168.252.34 echo-reply
access-list Maxbond_access_in_1 remark Connectivity testing
access-list Maxbond_access_in_1 extended permit icmp any any object-group DM_INLINE_ICMP_1
access-list NTLOutside_cryptomap_70 extended permit ip host 192.168.245.89 192.168.202.16 255.255.255.240
access-list NTLOutside_cryptomap_81 extended permit ip host 192.168.245.89 192.168.202.224 255.255.255.224
access-list NTLOutside_cryptomap_16 extended permit ip host 192.168.245.89 192.168.203.112 255.255.255.240
access-list NTLOutside_cryptomap_40 extended permit ip host 192.168.245.89 192.168.203.128 255.255.255.240
access-list NTLOutside_cryptomap_79 extended permit ip host 192.168.245.89 192.168.202.160 255.255.255.240
access-list NTLOutside_cryptomap_90 extended permit ip host 192.168.245.89 192.168.203.16 255.255.255.240
access-list NTLOutside_cryptomap_72 extended permit ip host 192.168.245.89 192.168.202.48 255.255.255.240
access-list inside_nat_static_4 extended permit tcp host 192.168.230.20 eq 990 any
access-list * extended permit ip any host 192.168.245.245
access-list * extended permit ip any host 192.168.245.246
access-list * extended permit ip any host 192.168.245.172
access-list inside_nat_static extended permit tcp host 192.168.254.249 eq 18393 any
access-list inside_nat_static_1 extended permit tcp host 192.168.254.249 eq 3389 any
access-list Homeworker02_ACL extended permit ip any 10.0.0.0 255.192.0.0 inactive
access-list Homeworker02_ACL *
access-list Homeworker02_ACL extended permit tcp any object-group DM_INLINE_NETWORK_32 eq www
access-list Homeworker02_ACL *
access-list Homeworker02_ACL extended permit tcp any object-group DM_INLINE_NETWORK_31 range 2130 2140
access-list Homeworker02_ACL *
access-list Homeworker02_ACL extended permit udp any object-group DM_INLINE_NETWORK_34 range 2120 2130
access-list Homeworker02_ACL *
access-list Homeworker02_ACL extended permit tcp any object-group DM_INLINE_NETWORK_37 eq https
access-list Homeworker02_ACL *
access-list Homeworker02_ACL extended permit tcp any host 10.222.62.35 object-group DM_INLINE_TCP_1
access-list Homeworker02_ACL *
access-list Homeworker02_ACL extended permit tcp any host 192.168.245.60 eq 8085
access-list Homeworker02_ACL extended permit tcp any object-group DM_INLINE_NETWORK_35 object-group DM_INLINE_TCP_3
access-list Homeworker02_ACL extended permit udp any object-group DM_INLINE_NETWORK_33 object-group DM_INLINE_UDP_2
access-list Homeworker02_ACL *
access-list Homeworker02_ACL extended permit tcp any object-group DM_INLINE_NETWORK_36 eq www
access-list Homeworker02_ACL extended permit udp any object-group DM_INLINE_NETWORK_38 object-group DM_INLINE_UDP_1
access-list Homeworker02_ACL remark *
access-list Homeworker02_ACL extended permit tcp any host 192.168.245.23 eq 8081
access-list Homeworker02_ACL extended permit ip any any inactive
access-list inside_nat_static_2 extended permit tcp host 192.168.245.61 eq www any
access-list *_Group_PolicyACL_N3 extended permit tcp any host 192.168.245.89 object-group DM_INLINE_TCP_2
access-list inside_nat0_outbound_1 extended permit ip 192.168.208.0 255.255.255.0 host 192.168.245.89
access-list outside_access_in extended permit icmp any any object-group DM_INLINE_ICMP_6 inactive
access-list outside_access_in *
access-list outside_access_in extended permit tcp any host 82.20.X.X eq 44000 inactive
access-list outside_access_in *
access-list outside_access_in extended permit tcp host 81.138.X.X host 82.20.X.X eq 50000 inactive
access-list outside_access_in extended permit icmp any any log warnings
access-list outside_access_in extended permit 41 any any
access-list outside_access_in extended permit tcp any host 82.20.X.X eq 990
access-list NTLOutside_cryptomap_75 remark To stay on this line
access-list NTLOutside_cryptomap_75 extended permit ip host 192.168.245.89 192.168.202.80 255.255.255.240
pager lines 24
logging enable
logging timestamp
logging buffered critical
logging trap informational
logging history critical
logging asdm informational
logging mail critical
logging host inside 192.168.245.117 17/1514
logging host inside 192.168.245.90 format emblem
logging debug-trace
logging permit-hostdown
no logging message 313005
logging rate-limit 2 30 level 6
mtu outsideold 1500
mtu inside 1500
mtu Outside 1500
mtu Maxbond 1500
ip local pool Homework_Pool1 192.168.209.1-192.168.209.64 mask 255.255.255.0
ip local pool Homework_Pool2 192.168.209.65-192.168.209.75 mask 255.255.255.0
ip local pool Homework_Pool5 192.168.209.90-192.168.209.110 mask 255.255.255.0
ip local pool Homework_Pool3 192.168.209.80-192.168.209.82 mask 255.255.255.0
ip local pool Homework_Pool4 192.168.209.83-192.168.209.85 mask 255.255.255.0
ip local pool VPNIPPOOL 192.168.208.0-192.168.208.254 mask 255.255.255.0
ip audit name Attack attack action drop
ip audit interface outsideold Attack
ip audit interface Maxbond Attack
ip audit info action
ip audit attack action drop
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-625.bin
asdm history enable
arp timeout 14400
global (outsideold) 101 interface
global (inside) 1 interface
global (Outside) 101 interface
global (Maxbond) 101 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 0 access-list inside_nat0_outbound_1 outside
nat (inside) 101 0.0.0.0 0.0.0.0
static (inside,outsideold) tcp interface 50000 access-list inside_nat_static_2
static (inside,outsideold) tcp interface 18393 access-list inside_nat_static
static (inside,outsideold) tcp interface 3389 access-list inside_nat_static_1
static (inside,Outside) tcp 82.20.X.X 990 access-list inside_nat_static_4
static (inside,Outside) 82.20.X.X 192.168.254.250 netmask 255.255.255.255
access-group inside_access_in in interface inside
access-group outside_access_in in interface Outside
access-group Maxbond_access_in_1 in interface Maxbond
route Outside 0.0.0.0 0.0.0.0 82.20.71.222 1
route inside 192.168.13.0 255.255.255.0 192.168.254.254 1
route inside 192.168.33.0 255.255.255.0 192.168.254.254 1
route inside 192.168.35.0 255.255.255.0 192.168.254.254 1
route inside 192.168.110.0 255.255.255.0 192.168.254.254 1
route inside 192.168.230.0 255.255.255.0 192.168.254.254 1
route inside 192.168.245.0 255.255.255.0 192.168.254.254 1
route inside 192.168.250.0 255.255.255.0 192.168.254.254 1
route inside 0.0.0.0 0.0.0.0 192.168.254.254 tunneled
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server TACACS protocol tacacs+
 accounting-mode simultaneous
aaa-server TACACS (inside) host 192.168.254.41
 key *****
aaa-server SecureIT protocol radius
aaa-server SecureIT (inside) host 192.168.245.160
 timeout 5
 key *****
 authentication-port 1812
 accounting-port 1813
nac-policy DfltGrpPolicy-nac-framework-create nac-framework
 reval-period 36000
 sq-period 300
aaa authentication enable console TACACS LOCAL
aaa authentication http console TACACS LOCAL
aaa authentication ssh console TACACS LOCAL
aaa authentication telnet console TACACS LOCAL
aaa accounting enable console TACACS
aaa accounting ssh console TACACS
aaa accounting telnet console TACACS
aaa accounting command privilege 15 TACACS
http server enable
http 192.168.245.0 255.255.255.0 inside
http 192.168.250.0 255.255.255.0 inside
http 192.168.254.0 255.255.255.0 inside
snmp-server host inside 192.168.245.20 community ***** version 2c
snmp-server location Server Room 1
snmp-server contact *
snmp-server enable traps snmp authentication linkup linkdown coldstart
-cut cryptomaps-
crypto ca trustpoint ASDM_TrustPoint1
 enrollment terminal
 crl configure
crypto ca trustpoint ASDM_TrustPoint2
 id-usage code-signer
 crl configure
crypto ca trustpoint ASDM_TrustPoint3
 id-usage code-signer
 crl configure
crypto ca trustpoint ASDM_TrustPoint0
 enrollment terminal
 subject-name *
 keypair RemoteAccess
 crl configure
crypto isakmp identity address
crypto isakmp enable outsideold
crypto isakmp enable inside
crypto isakmp enable Outside
crypto isakmp enable Maxbond
crypto isakmp policy 20
 -cut-
crypto isakmp ipsec-over-tcp port 10000
no vpn-addr-assign aaa
no vpn-addr-assign dhcp
vpn-addr-assign local reuse-delay 5
vpn-sessiondb max-session-limit 100
telnet timeout 5
ssh 192.168.245.0 255.255.255.0 inside
ssh 192.168.250.0 255.255.255.0 inside
ssh 192.168.254.0 255.255.255.0 inside
ssh timeout 5
console timeout 0
management-access inside
threat-detection basic-threat
threat-detection scanning-threat shun except ip-address 192.168.254.0 255.255.255.0
threat-detection scanning-threat shun duration 10
no threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 192.168.254.2 source inside
ntp server 192.168.254.1 source inside prefer
tftp-server inside 192.168.254.250 asa721-k8.bin
webvpn
 port 444
 enable inside
 enable Outside
 csd image disk0:/securedesktop-asa-3.3.0.151-k9.pkg
 csd enable
 tunnel-group-list enable
 smart-tunnel list TestList Outlook outlook.exe platform windows
group-policy WebVPNGrp internal
group-policy WebVPNGrp attributes
 vpn-tunnel-protocol webvpn
 webvpn
  homepage none
  http-proxy enable
  sso-server none
  customization value DfltCustomization
  http-comp gzip
  hidden-shares visible
  smart-tunnel auto-start TestList
  activex-relay enable
  file-entry enable
  file-browsing enable
  url-entry enable
  deny-message value Login was successful, but because certain criteria have not been met or due to some specific group policy, you do not have permission to use any of the VPN features. Contact your IT administrator for more information.
group-policy DfltGrpPolicy attributes
 vpn-idle-timeout 480
 vpn-tunnel-protocol IPSec l2tp-ipsec
 nac-settings value DfltGrpPolicy-nac-framework-create
 webvpn
  svc keepalive none
  svc dpd-interval client none
  svc dpd-interval gateway none
  customization value DfltCustomization
group-policy GroupPolicy1 internal
group-policy Homeworker01_Policy internal
group-policy Homeworker01_Policy attributes
 banner value VPN tunnel now established.
 dns-server value 192.168.245.245 192.168.245.246
 vpn-tunnel-protocol IPSec svc
 default-domain value *
group-policy Homeworker02_Policy internal
group-policy Homeworker02_Policy attributes
 banner value VPN is now connected.
 vpn-filter value Homeworker02_ACL
 vpn-tunnel-protocol IPSec
group-policy Homeworker03_Policy internal
group-policy Homeworker03_Policy attributes
 banner value DRSS VPN is now connected.
 vpn-filter value Homeworker03_ACL
 vpn-tunnel-protocol IPSec
group-policy Homeworker04_Policy internal
group-policy Homeworker04_Policy attributes
 banner value VPN is now connected.
 vpn-filter value Homeworker04_ACL
 vpn-tunnel-protocol IPSec
group-policy Homeworker00_Policy internal
group-policy Homeworker00_Policy attributes
 banner value You are here!
 dns-server value 192.168.245.245 192.168.245.246
 vpn-filter value Homeworker00_ACL
 vpn-tunnel-protocol IPSec svc
 default-domain value *
 webvpn
  homepage value http://192.168.230.20:81
group-policy Homeworker05_Policy internal
group-policy Homeworker05_Policy attributes
 banner value VPN is now connected. Next Usename and Password is domain one.
 vpn-filter value Homeworker05_ACL
 vpn-tunnel-protocol IPSec webvpn
 webvpn
  homepage value http://192.168.230.20:81
group-policy RemoteAccessGroup1 internal
group-policy RemoteAccessGroup1 attributes
 dns-server value 192.168.245.245 192.168.245.246
 vpn-tunnel-protocol svc
 default-domain value *
-cut backup usernames-
-cut tunnel groups-
!
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map global_policy
 class inspection_default
  inspect icmp
  inspect ip-options
!
service-policy global_policy global
smtp-server 192.168.245.211
prompt hostname context
call-home
 profile CiscoTAC-1
  no active
  destination address http https://tools.cisco.com/its/service/oddce/services/DDCEService
  destination address email callhome@cisco.com
  destination transport-method http
  subscribe-to-alert-group diagnostic
  subscribe-to-alert-group environment
  subscribe-to-alert-group inventory periodic monthly
  subscribe-to-alert-group configuration periodic monthly
  subscribe-to-alert-group telemetry periodic daily
Logged

seandiviney

  • Newbie
  • *
  • Posts: 7
Re: Compete newb needs help with cisco ASA
« Reply #9 on: January 14, 2011, 07:17:58 AM »

Thanks for looking at this I am thinking the problem is my PC, not sure how this has happened but routing table has got messed up:

C:\>route print
===========================================================================
Interface List
 31...00 1f 29 3c 22 3d ......Intel(R) 82566DM-2 Gigabit Network Connection
  1...........................Software Loopback Interface 1
 34...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0  192.168.254.250               1f    276
          0.0.0.0          0.0.0.0  192.168.254.254               1f    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link                1f    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link                1f    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0  192.168.254.250  Default
          0.0.0.0          0.0.0.0  192.168.254.254  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 31    276 fe80::/64                On-link
 31    276 fe80::9c64:c9a6:4824:2b31/128
                                    On-link
  1    306 ff00::/8                 On-link
 31    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
Logged

cholzhauer

  • Hero Member
  • *****
  • Posts: 2714
Re: Compete newb needs help with cisco ASA
« Reply #10 on: January 14, 2011, 07:20:32 AM »

Yeah, you don't have a default route ;)
Logged

seandiviney

  • Newbie
  • *
  • Posts: 7
Re: Compete newb needs help with cisco ASA
« Reply #11 on: January 14, 2011, 07:49:05 AM »

I now have a connection. YAY. Thanks for help. and that was the easy bit!!!
Logged