I am trying to do a simple packet tracer on my ASA and this is what I am getting
ASA# packet-tracer input DMZ tcp 10.250.0.5 2234 10.250.0.6 22 xml
in 10.250.0.4 255.255.255.252 DMZ
<drop-reason>(acl-drop) Flow is denied by configured rule</drop-reason>
The 10.250.0.6 deve is a router directly connected to the DMZ interface 10.250.0.5
However I am getting the reason for droped packet as (Implicit Rule) which I can see is only on the global interface.
I am permiting ip any any on that same interface as well.
How can I make this work?
The reson for this is I need my ASA to authenticate with TACACS server which is behind the 10.250.0.6 router
It's just strange that TACACS can't be ping'd, yet traffic through the ASA is good.
What type of device is 10.250.0.6? Do you have access to it?