07-21-2009 10:49 PM - edited 03-11-2019 08:57 AM
Hi everybody!
I have an ASA5510 with an "inside" and "outside" topology.
All users on the 192.168.1.0/24 network are using the ASA to reach the Internet.
Now I have a new router on the inside.
The problem is that users cannot reach the 192.168.2.0/24 network at the new router.
I was looking for some configuration examples and I found "same-security-traffic permit intra-interface" command. It did not help me at all. Not sure if this command is available only for VPN connections.
I attached the LAN drawing.
Any idea?
Thank you everybody!
07-22-2009 12:36 AM
Sebastian,
You are trying to make the ASA act as a router for the 192.168.2.0/24 network when you have a perfectly good router to perform that function. My recommendation is:
1) Have all servers/desktops in the 192.168.1.0/24 network point to the router as the default gateway.
2) Have a static default route in the router pointing to the ASA for internet traffic.
3) Have a route in the ASA for the 192.168.2.0/24 network pointing to the 192.168.1.2 IP of the router.
This will fix all your issues - and correct your topology.
HTH
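
The three steps from the reply above written out as configuration. This is an added example, not posted by either participant. It assumes the inside router runs IOS; `ASA_INSIDE_IP` is a placeholder because the thread does not give the ASA's inside address, and the addresses in the `packet-tracer` line are constructed samples.

```cisco
! Step 1 (hosts / DHCP scope, not a device command):
!   default gateway for 192.168.1.0/24 clients = 192.168.1.2 (the inside router)
!
! --- Step 2: on the inside router (IOS syntax assumed) ---
! Send everything the router has no specific route for to the ASA.
ip route 0.0.0.0 0.0.0.0 ASA_INSIDE_IP
!
! --- Step 3: on the ASA5510 ---
! Return path for the second LAN: reach 192.168.2.0/24 via the router.
route inside 192.168.2.0 255.255.255.0 192.168.1.2
!
! --- Checks ---
! On the router: the default route should point at the ASA.
show ip route
! On the ASA: the static route for 192.168.2.0/24 should be listed.
show route
! On the ASA: simulate an outbound ping from a host on the new LAN
! (192.168.2.10 and 198.51.100.1 are constructed sample addresses).
! The output shows whether the existing ACL and NAT rules cover 192.168.2.0/24.
packet-tracer input inside icmp 192.168.2.10 8 0 198.51.100.1
```

With this layout, traffic between 192.168.1.0/24 and 192.168.2.0/24 is routed by the inside router and never crosses the ASA, so `same-security-traffic permit intra-interface` is not needed for it. If the new LAN also needs Internet access, the ASA's existing NAT and inside access rules must include 192.168.2.0/24.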
07-22-2009 01:00 AM
Thank you very much for your reply.
I was thinking the same answer. Just wanted to know if there was another possibility.
Your solution seems OK to me.
Thanks again!
Sebastian
07-22-2009 01:10 AM
np - glad to help