Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
390
Views
0
Helpful
3
Replies

ASA 5520 strange behavior

jeffland_98
Level 1
Level 1

‎03-01-2007 08:36 PM - edited ‎03-11-2019 02:40 AM

A one page description of the problem is attached with a sketch. The Firewall is not allowing access from a router that it should be by access rules. A sanitized version of the running cfg is also attached.

Labels:
Preview file
28 KB
Preview file
15 KB
0 Helpful
3 Replies 3

ebreniz
Level 6
Level 6

‎03-09-2007 05:46 AM

The following procedure shows the basic configuration required for this example. This procedure is similar to the configuration shown in " Basic Configuration Examples:

http://www.cisco.com/en/US/products/hw/vpndevc/ps4077/products_configuration_guide_chapter09186a008045a77c.html

0 Helpful

abinjola
Cisco Employee
Cisco Employee

‎03-09-2007 06:40 AM

can you turn on your debug pings..usng debug icmp trace and then notice ICMP request hitting SMF01 from RT01 ?

I first want to make sure that the request is at least reaching the firewall...and then we can take it further...

0 Helpful

jeffland_98
Level 1
Level 1
In response to abinjola

‎03-09-2007 08:45 AM

I was able to see the ICMP build in the ASA SM-FW01 using ASDM live logging and then be torn down after the 2 sec timeout for ICMP.

BTW- The problem with the DB DMZ was not part of this - I caused it while trouble-shooting by redoing the routing and forgetting to replace the route to the SM-DBDMZ.

But I still can't ping the SM-FW01 from the EM-RT01 and it is mystifying me.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card