Question : Problem: Internet access denied on L2 switch

Hi Expert
Please help!

Unable to ping public IP or ASA inside IP on Catalyst 2950 switch as an access level

My network topology is very simple.
Internet == Cisco 877 == Cisco ASA 5505 == Cat3750 == Cat2950

In L3 switch Cat3750 using console, I can ASA 5505 inside IP. In L2 switch Cat2950 using console, I CANNOT ping it.

ASA running 192.168.10.2 with only default configuration and default access-list, no 1-to-1 NAT, no password is set. Already ICMP enabled in outside interface.
Cat3750 routed port is 192.168.10.1
Cat3750 trunk with Cat2950

Is anyone encounter? What is wrong?

Answer : Problem: Internet access denied on L2 switch

I suppose your ASA should have static route to cisco 3750

I'm not very clearly understand your IP addressing, but if it is like this:

----<[10.1.1.2/24]c3750[10.1.2.1/24]>----<2950>---

then static route for ASA would look like:
ip route 10.1.2.0 255.255.255.0 10.1.1.2

so we effectively tell ASA, that there is one more subnet within our network, which is located behind c3750.

In fact you can have several subnets behind c3750 and if you want all of them to be visible from ASA, then you should add static routes to all those networks.

Random Solutions

Problem: Can I reduce dissipation by using PC3200 memory in place of PC2700 at 2700 clockspeed.

Problem: WTF's up with my iSCSI network config ???

Problem: blue screen in Windows PE 2.0 on Sunfire X4100

Problem: What is the super-secret combination to reset a Logitech wireless keyboard?

Problem: Linux Box SSH access

Problem: My Dell refuses to power on

Problem: Can I remotely restart a Logmein-controlled machine and be sure I can remotely log in again?

Problem: Migrating iTunes library from XP Laptop to Vista Destop

Problem: Citrix users cannot open web pages via emails

Problem: Software or system info to tell me what brand and model motherboard in my XP