![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
Hey everybody, I've spent the past weekend at the lab working on a bunch of ASA labs and the one I am currently working on involves a switch between the ASA and the two hosts that are on seperate VLAN's.
Now I've setup a default static route of 0.0.0.0 0.0.0.0 192.168.1.1 but I wasn't able to get out past the switch. I've setup IP routing to make sure the Switch functions as a Layer 3 routing switch
I've setup IP HTTP SERVER on both the DMZ web_server and the outside router(not pictured) so I should be at least able to get to the web page.
I realize the ASA won't respond to pings at 192.168.1.1 but having my global pools setup I should be able to pull the web page from the web server @ the DMZ.
Does my configuration look correct? I've been pulling my hair for the past hour and a half over this lol
show run
Building configuration...
Current configuration : 1937 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/24
no switchport
ip address 192.168.1.254 255.255.255.0
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
ip address 192.168.2.1 255.255.255.0
!
interface Vlan3
ip address 192.168.3.1 255.255.255.0
!
ip default-gateway 192.168.1.1
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
password class
logging synchronous
login
line vty 0 4
password class
login
line vty 5 15
password class
login
!
end
Switch#
Switch#
Now I've setup a default static route of 0.0.0.0 0.0.0.0 192.168.1.1 but I wasn't able to get out past the switch. I've setup IP routing to make sure the Switch functions as a Layer 3 routing switch
I've setup IP HTTP SERVER on both the DMZ web_server and the outside router(not pictured) so I should be at least able to get to the web page.
I realize the ASA won't respond to pings at 192.168.1.1 but having my global pools setup I should be able to pull the web page from the web server @ the DMZ.
Does my configuration look correct? I've been pulling my hair for the past hour and a half over this lol
show run
Building configuration...
Current configuration : 1937 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
system mtu routing 1500
ip subnet-zero
ip routing
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/24
no switchport
ip address 192.168.1.254 255.255.255.0
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
no ip address
shutdown
!
interface Vlan2
ip address 192.168.2.1 255.255.255.0
!
interface Vlan3
ip address 192.168.3.1 255.255.255.0
!
ip default-gateway 192.168.1.1
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
ip http secure-server
!
!
!
control-plane
!
!
line con 0
password class
logging synchronous
login
line vty 0 4
password class
login
line vty 5 15
password class
login
!
end
Switch#
Switch#