I have two local subnets 192.168.1.0 and 192.168.2.0 behind another router. I hairpinning on the ASA (IP 192.168.1.252) to route traffic to the subnet 192.168.2.0.
I applied the next commands (I received help from pkampana to do this):
same-security-traffic permit intra-interface
access-list inside_nat0_outbound extended permit ip 192.168.1.0 255.255.255.0 192.168.2.0 255.255.255.0
access-list inside_nat0_outbound extended permit ip 192.168.2.0 255.255.255.0 192.168.1.0 255.255.255.0
route inside 192.168.2.0 255.255.255.0 192.168.1.254 1
If I ICMP echo using ASDM Packet Tracer works in both directions.
If I ping using a computer from subnet 192.168.1.0 to subnet 192.168.2.0 works.
If I ping using a computer from subnet 192.168.2.0 to subnet 192.168.1.0 fails.
If I remote desktop from any subnet fails and ASDM is logging the error that say:
Syslog ID: 106015
Source IP: 192.168.1.153
Destination IP: 192.168.2.4
Description: Deny TCP (no connection) from 192.168.1.153/1168 to 192.168.2.4/3389 flags RST on interface inside.
Thank you in advance.