# Problem with ASA 5505



## Trellaras7 (Nov 1, 2014)

Hello everyone, 

I really hope you can help me.

I am working at a company as a computer technician support and I have been studying for CCNA since this summer.

I am responsible for support at this company and I think I have made a huge mistake accidentally which I don't know how to solve.

I was trying to port forward through ASA 5505 ASDM and, not remembering how, I somehow blocked the traffic inside and outside except RDP (which is how I connect now).

I am not very familiar with commands yet, so ASDM seemed helpful to me, even though show run, version, ping and very basic stuff I can do.

I see on the monitor status right now the following messages 

192.168.1.104	16129	64.4.23..xxx Deny tcp src inside:192.168.1.104/16129 dst outside:64.4.23.152/40006 by access-group "inside_access_in" [0x0, 0x0]

and 


192.168.1.104	16112	111.221.77.xxx	80	Built outbound TCP connection 33949083 for outside:111.221.77.1xx/80 (111.221.77.xxx/80) to inside:192.168.1.104/16112 (192.168.1.104/16112)

I cannot get access to the internet (nor can the clients) or the Cisco phones connected.

I think my head is at stake here and I would appreciate some help.

Thanks anyway


----------



## Trellaras7 (Nov 1, 2014)

Also this message on my monitor

192.5.5.xxx	53	192.168.1.10	58089	Teardown UDP connection 33954084 for outside:192.5.5.xxx/53 to inside:192.168.1.10/58089 duration 0:02:01 bytes 34


----------



## Shadowjk (Sep 3, 2014)

> 192.168.1.104	16129	64.4.23..xxx	Deny tcp src inside:192.168.1.104/16129 dst outside:64.4.23.152/40006 by access-group "*inside_access_in*" [0x0, 0x0]


What is this access-list? Can you show the access-list details and where it is applied (Inside, Outside, etc.) and in what direction (Inbound or Outbound)?



> 192.5.5.xxx	53	192.168.1.10	58089	Teardown UDP connection 33954084 for outside:*192.5.5.xxx/53* to inside:192.168.1.10/58089 duration 0:02:01 bytes 34


UDP port 53 is used for DNS. This would be the start of your problems as the ASA is preventing any DNS responses to clients.

As to why it is doing this, it could be related to your ACL configured, the policy-map applied or it may be a native security level mismatch.

Can you also list what zones you have (Outside, Inside or DMZ) and what security levels you have configured for them?

Also, please hide any information that could identify this device from the internet... showing your firewall policies and what IP addresses it is connected to on a public forum isn't advised...

Josh :smile:


----------
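An added example, not part of any post in this thread: a small Python script that pseudonymises public addresses in ASA log lines before they are pasted into a forum, then counts the denies per access-group so the rule set doing the blocking is obvious. The function names `redact` and `deny_summary` are hypothetical, and the sample lines are constructed in the shape of the messages quoted above, using documentation-range addresses.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in the shape of the messages quoted in the thread.
# Public addresses are from documentation ranges, not the poster's.
SAMPLE = """\
Deny tcp src inside:192.168.1.104/16129 dst outside:203.0.113.152/40006 by access-group "inside_access_in" [0x0, 0x0]
Deny tcp src inside:192.168.1.10/50211 dst outside:198.51.100.7/443 by access-group "inside_access_in" [0x0, 0x0]
Built outbound TCP connection 33949083 for outside:203.0.113.20/80 (203.0.113.20/80) to inside:192.168.1.104/16112 (192.168.1.104/16112)
Teardown UDP connection 33954084 for outside:198.51.100.7/53 to inside:192.168.1.10/58089 duration 0:02:01 bytes 34
"""

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
DENY = re.compile(r'Deny (\w+) src (\w+):(\S+?)/(\d+) dst (\w+):(\S+?)/(\d+) '
                  r'by access-group "([^"]+)"')


def redact(text):
    """Swap each non-RFC1918 IPv4 address for a stable pseudonym (ext-N)."""
    names = {}

    def swap(match):
        raw = match.group(0)
        try:
            addr = ipaddress.ip_address(raw)
        except ValueError:          # e.g. 999.1.1.1: not an address, keep it
            return raw
        if any(addr in net for net in RFC1918):
            return raw              # internal addressing stays readable
        return names.setdefault(raw, f"ext-{len(names) + 1}")

    return IPV4.sub(swap, text), names


def deny_summary(text):
    """Count denies per (access-group, source interface, protocol, dst port)."""
    counts = Counter()
    for m in DENY.finditer(text):
        proto, src_if, _, _, _, _, dport, acl = m.groups()
        counts[(acl, src_if, proto, int(dport))] += 1
    return counts


if __name__ == "__main__":
    safe_text, mapping = redact(SAMPLE)
    print(safe_text)
    for key, n in deny_summary(safe_text).items():
        print(n, key)
```

The pseudonyms stay the same across lines, so helpers can still correlate flows; the returned mapping is the only link back to the real addresses and should stay off the forum.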



## Trellaras7 (Nov 1, 2014)

Hi,

Thank you for your reply.

I will post any information tomorrow as I don't have access for now.

Thank you again


----------

