ASA 5520 strange behavior

Unanswered Question
Mar 1st, 2007

A one page description of the problem is attached with a sketch. The Firewall is not allowing access from a router that it should be by access rules. A sanitized version of the running cfg is also attached.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
abinjola Fri, 03/09/2007 - 06:40

can you turn on your debug pings..usng debug icmp trace and then notice ICMP request hitting SMF01 from RT01 ?

I first want to make sure that the request is at least reaching the firewall...and then we can take it further...

jeffland_98 Fri, 03/09/2007 - 08:45

I was able to see the ICMP build in the ASA SM-FW01 using ASDM live logging and then be torn down after the 2 sec timeout for ICMP.

BTW- The problem with the DB DMZ was not part of this - I caused it while trouble-shooting by redoing the routing and forgetting to replace the route to the SM-DBDMZ.

But I still can't ping the SM-FW01 from the EM-RT01 and it is mystifying me.


This Discussion