internet<->cisco 2960<->production firewall<->LAN
The 2960 is plugged into both the Verizon main and backup and the firewall's WAN interface.
I've added a 4th connection, the ASA 5505 WAN interface, to get this test environment:
The ASA used a real IP that hasn't been used on production. All my tests in\out worked.
Moving to the next step of testing, I've unplugged my production firewall from the 2960 switch & LAN. I've also connected the ASA to the same LAN core switch using the same subnet IP.
Going out, all my connections are working (coming from the real production LAN).
Coming in is the problem. Nothing came in (talking about connections initiated by internet users). The same connections (same static\access-list commands) worked on test; the only difference was the outside IP (my test machine had a real LAN IP and used the same ports as in production).
Is it possible that the ARP database on the 2960 blocked my inbound connections?
Any other ideas?