07-07-2013 11:42 AM - edited 03-11-2019 07:08 PM
I have a Cisco ASA5505 configured with 3 vlans outside = x.x.x.x \24, inside = 10.217.46.1 \ 27, and wifi = 10.217.46.33 \ 27. I have security plus liscense but i cant access anything in the inside if im on wifi or i cant access anything from wifi if im on inside cant even ping between vlans but access to the internet is working just fine on both sides any ideas.
07-07-2013 11:46 AM
Hello Robert,
What is the security level between interfaces? Would you mind sharing your configuration?
-Eddy Duran
07-07-2013 11:48 AM
they are both at 100
07-07-2013 11:48 AM
Hi,
The easiest way to solve this would naturally to see the configuration.
The main things that might affect on the firewall side are
You can also take the "packet-tracer" output if you want to test the firewall configurations/rules
packet-tracer input inside tcp
packet-tracer input wifi tcp
One common problen with ICMP through the firewall is missing ICMP Inspection
It can be added with
fixup protocol imcp
fixup protocol icmp error
Or alternatively by entering
policy-map global_policy
class inspection_default
inspect icmp error
inspect icmp
- Jouni
07-07-2013 11:49 AM
Hi,
You need to add "same-security-traffic permit inter-interface" atleast
- Jouni
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide