Wireless Access

Reply
Occasional Contributor II
Posts: 23
Registered: ‎07-21-2011

Corporate Internet access and RAP3 remote user

[ Edited ]

We have a RAP3 with a wired user in a remote location and are having an issue with Internet access. The RAP connects and works fine with our internal applications, but there is no Intenet access. I worked with TAC for about 6 hours on this and didn't make much progress, they said it was somehting I needed to change on our Cisco ASA Firewall. The Cisco currently has a network PAT configured for the VLAN used for the RAP3's.

 

I've gotten it narrowed down to the following. If I enable source NAT on the VLAN IP Interface on my controller, I can ping Intenet websites, but any other web traffic gets blocked by our Cisco ASA firewall. With source NAT disabled I cannot ping any websites at all. The wired thing is I have a RAP5 set up that works fine (with source NAT disabled). I've run out of ideas so I decided to post here.

The message on my firewall is:

Inbound TCP connection denied from <OutsideWebsiteIP>/80 to <InsideControllerIP>/50406 flags SYN ACK  on interface Inside

 

Controllers are 7210's with OS version 6.3.1.5_43118

 

Any help would be appreciated.

 

**** SOLVED**** I needed to add a routing statement on the Cisco ASA. Simple as that.

ACMP - Feb 2014
Search Airheads
Showing results for 
Search instead for 
Did you mean: