I'm using an ASA5510 ver8.0(3) and am still having trouble with the routing. Sorry to keep reposting on the same topic; I thought I had it resolved...
From a PC (GW pointing to the ASA) I'm able to ping all network devices and servers with the nonat ACL set up. I just can't do anything other than ping. RDP, telnet, SSH, SMTP: any port I try to use on an alternate subnet fails.
Even when I try packet-trace command from ASA it allows the flow.
I don't understand why it takes 14 phases in packet tracer (4 of them being nat) when there's no natting involved.
Things that work:
-Nat from Inside host to outside (internet)
-ping from ASA to any internal subnet on inside interface (learned from EIGRP)
-have this command enabled: same-security-traffic permit intra-interface
-other subnets are reachable via inside interface
-nat (inside) 0 access-list nonat ~setup
-icmp is allowed through the firewall
What I'm trying to accomplish is, I want to be able to access all internal subnets from ASA (besides ping).
I've attached the config and packet trace; if anyone could help, it would be much appreciated.