cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
436
Views
0
Helpful
5
Replies

ASA5505 backup connection doesnot allow traffic

FredDenHeijer
Level 1
Level 1

We are trying to get an ASA5505 to function with an fallback internet connection. Everything is connected correctly and sla rule functions the right way but when it is relayed to the backup connection the i can see that the connection is up but the ASA is dropping the packet to the inside. So we can see with the packettracer that is is going outside but the the answer is being dropped by an access-list of the ASA.

A lay-out is attatched as also a config of the ASA.

5 Replies 5

francisco_1
Level 7
Level 7

try global (backup) 1 interface

Francisco

interface Vlan2

backup interface Vlan15

nameif outside

security-level 0

ip address xx.xx.xxx.xx xxx.xxx.xxx.xxx

interface Ethernet0/1

switchport access vlan 15

this is part of the config the backup is connected to the ethernet 0/1.

try adding the NAT statement above

NAT is done by the SB107, we want the ASA only route this connection.

can upload the deny logs you are seeing on the ASA. try connecting again and send me the deny logs on ASA. use "show logg asdm | inc [ip address of pc you are connecting from"

Francisco

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: