ACL in 5505

Unanswered Question
Mar 24th, 2009

Background: After looking at the document, I will tell you that the scenario is that the FEP_server initiates communications to the 1.1.1.1 tcp 4113 router. We use this as a backup, and I know for a fact it worked before adding the RockyPH-transparent-fw and the FEP-transparent-FW. This testing was done when the SY_Firewall went in, and everything worked. Several months ago the RockyPH-transparent-fw was installed. Today the FEP-transparent-FW was installed, and we started testing this backup communications link and it would not work. I noticed the syslog in the SY_firewall saying 'icmp block src: 168.117.106.243 to 172.19.0.1'. I don't know why the RockyPH-tran-fw would be trying to ping the server. So I added ACEs to both interfaces (inside/outside) to allow traffic between 172.19.0.1 and 168.117.106.243, and everything started working! Why would I have to add those ACEs to make this work?
