I am having issues with routing on 2 ASA 5520s and am wondering if anyone can help.
Attached is some of the running config.
The setup is basically 2 ASA 5520s running in an active/active configuration.
3 out of the four interfaces are used, and one is for failover between each box.
I have an interface dedicated to each zone as such:
Core (inside) 10.1.0.0
Now I have been trying to enable routing between the inside interface and the DMZ, and vice versa.
For example I would like a host in the inside zone to be able to ping a host in the DMZ.
I have added an exception for ICMP and also allowed it both ways, but it doesn't appear to work. I also tried the same for a host inside connecting to a web server in the DMZ.
Every time I run the packet trace wizard in the ASDM, it is almost like the ACL rules are not being picked up, and I am told that the implicit deny is causing the packet to be dropped.
I have tried many combinations of NAT exemptions and ACL rules.