Hello, I could use some help understanding a configuration concept on an existing ASA 5510. I have four interfaces configured: Outside (security level 0), Inside (security level 100), DMZ (security level 90), and Others (security level 90). My goal is to send HTTPS traffic back and forth between a host on the DMZ interface and a host on the Others interface.
The DMZ interface uses the 192.168.1.32/27 network and the Others interface uses the 192.168.1.64/27 network. When I use the "show route" command on the 5510, I can see the two networks are Connected (no static routes, just the correct C entries). I'm not sure why the security levels are exactly the same for those two interfaces (I inherited the configuration), but I decided to leave the security settings alone and added the "same-security-traffic permit inter-interface" command to the running configuration.
There are a number of ACL and NAT entries (entered by others) in the configuration that may be confusing the issue. There is a Global Pool set up for the DMZ interface (192.168.1.93) and the Others interface (192.168.1.44), and whenever I try to send traffic from the DMZ host to the Others host, the packet capture shows the packets going from the DMZ host into the .93 pool (and never entering the .32 network).
At this point, I'm wondering if the existing configuration can be corrected - or should I remove the work done by others and start over? And if I start over (which I am inclined to do), what do I add to or remove from the existing configuration (route, ACL, NAT) so the traffic moves properly? Thanks in advance for any assistance - I have been researching the 5510 but only have a few weeks of experience with the device.
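
An added illustration, not part of the original post and not configuration taken from the poster's ASA: a small Python model of how pre-8.3 `nat`/`global` pairs select a translated source address, which is consistent with a capture showing DMZ traffic leaving as 192.168.1.93. The pre-8.3 syntax, NAT ID 1, the pool-to-interface bindings and the host addresses are constructed assumptions.

```python
import ipaddress
import re

# Constructed running-config fragment (NOT from the post). Assumptions: pre-8.3
# nat/global syntax, NAT ID 1, and each pool bound to the opposite interface.
SAMPLE_CONFIG = """\
nat (DMZ) 1 192.168.1.32 255.255.255.224
nat (Others) 1 192.168.1.64 255.255.255.224
global (Others) 1 192.168.1.93
global (DMZ) 1 192.168.1.44
"""

NAT_RE = re.compile(r"^nat \((\S+)\) (\d+) (\S+) (\S+)$")
GLOBAL_RE = re.compile(r"^global \((\S+)\) (\d+) (\S+)$")


def parse(config):
    """Return (nat_rules, global_pools) parsed from nat/global lines."""
    nats, pools = [], {}
    for line in config.splitlines():
        line = line.strip()
        if m := NAT_RE.match(line):
            ifc, nat_id, net, mask = m.groups()
            nats.append((ifc, int(nat_id), ipaddress.ip_network(f"{net}/{mask}")))
        elif m := GLOBAL_RE.match(line):
            ifc, nat_id, addr = m.groups()
            pools[(ifc, int(nat_id))] = ipaddress.ip_address(addr)
    return nats, pools


def translated_source(config, in_if, out_if, src):
    """Mapped source for a flow in_if -> out_if, or None if these lines
    define no dynamic translation for it."""
    nats, pools = parse(config)
    src = ipaddress.ip_address(src)
    for ifc, nat_id, net in nats:
        if ifc == in_if and src in net:
            if nat_id == 0:  # NAT ID 0 is identity NAT: no pool is used
                return None
            # The global with the same NAT ID on the egress interface
            # supplies the mapped address.
            return pools.get((out_if, nat_id))
    return None


if __name__ == "__main__":
    # 192.168.1.35 and 192.168.1.70 are constructed host addresses.
    print(translated_source(SAMPLE_CONFIG, "DMZ", "Others", "192.168.1.35"))
    print(translated_source(SAMPLE_CONFIG, "Others", "DMZ", "192.168.1.70"))
```

Note that 192.168.1.93 falls inside 192.168.1.64/27 and 192.168.1.44 inside 192.168.1.32/27, so under these assumptions each pool address sits in the subnet of the interface the traffic exits.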