Unable to access a different network

Nov 6th, 2008

Hi all. All my office PCs are connected to a Cisco ASA5510 gateway at 192.168.1.254. Recently we bought over a new company and integrated their private LAN with ours. For the initial stage we did not let them use the same private IP. They are using the 192.168.2.0/24 subnet. Their FortiGate gateway has an interface that is connected to our office LAN with the IP 192.168.1.200. If I add the below static route to my firewall, it does not work.

route inside 192.168.2.0 255.255.255.0 192.168.1.200

I have already ensured that the FortiGate firewall is properly configured with the correct static route and firewall policy. When I add the static route on my office PC manually, I could connect to the 192.168.2.0 subnet. My Cisco ASA5510 is on ASA version 7.2(4), hence there should be no hairpinning issue. When I check my ASA firewall log I see "2008-11-06 17:27:00 Local4.Error 192.168.1.254 Nov 06 2008 02:38:38: %ASA-3-106014: Deny inbound icmp src inside:192.168.1.11 dst inside:192.168.2.3 (type 8, code 0)". How do I solve this? Thanks in advance.

Jon Marshall Thu, 11/06/2008 - 03:40

You are right in that the ASA supports hairpinning, but what have you done in your config to set this up?

Jon
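
Added example, not part of the thread or of either poster's configuration: a Python check that pairs the `route` statement with the %ASA-3-106014 message quoted in the question and reports denies where the packet would leave by the same interface it arrived on, together with the static next hop involved. The second log line and all function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample input: the route statement and log message quoted in the
# question, plus one constructed line that crosses interfaces for contrast.
ROUTES = ["route inside 192.168.2.0 255.255.255.0 192.168.1.200"]
LOGS = [
    "Nov 06 2008 02:38:38: %ASA-3-106014: Deny inbound icmp src "
    "inside:192.168.1.11 dst inside:192.168.2.3 (type 8, code 0)",
    "Nov 06 2008 02:39:10: %ASA-3-106014: Deny inbound icmp src "
    "outside:203.0.113.9 dst inside:192.168.1.11 (type 8, code 0)",
]

DENY_RE = re.compile(
    r"%ASA-3-106014: Deny inbound icmp src (?P<sif>[^:\s]+):(?P<sip>[\d.]+) "
    r"dst (?P<dif>[^:\s]+):(?P<dip>[\d.]+)"
)


def parse_routes(lines):
    """Turn 'route <if> <net> <mask> <gateway>' lines into tuples."""
    routes = []
    for line in lines:
        parts = line.split()
        if len(parts) >= 5 and parts[0] == "route":
            net = ipaddress.ip_network(f"{parts[2]}/{parts[3]}", strict=False)
            routes.append((parts[1], net, ipaddress.ip_address(parts[4])))
    return routes


def hairpin_denies(log_lines, routes):
    """Return denies where the packet would leave by the interface it came in on."""
    hits = []
    for line in log_lines:
        m = DENY_RE.search(line)
        if not m or m["sif"] != m["dif"]:
            continue  # not a 106014 ICMP deny, or it crosses interfaces
        dst = ipaddress.ip_address(m["dip"])
        # Find the static route (if any) that sends this destination back out
        # of the ingress interface.
        via = next((gw for ifc, net, gw in routes
                    if ifc == m["dif"] and dst in net), None)
        hits.append({"interface": m["sif"], "src": m["sip"], "dst": m["dip"],
                     "next_hop": str(via) if via else None})
    return hits


if __name__ == "__main__":
    for hit in hairpin_denies(LOGS, parse_routes(ROUTES)):
        print(hit)
```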
