i have an ASA 5540 that is not connected Via HSRP, however, i am running HSRP in the internal network(S)
i added a DMZ port and switch in order to convert things to the DMZ, however, for debugging and connectivity purposes i made sure ICMP is working between the DMZ and the inside network. i will secure it at a later time.
i have Anti-spoofing on all interfaces enabled
i try to use an ICMP ping, and i get an error about reverse patth checking and the packets are dropped. they are from a source interface that is the
on my sh stand here is my setup
Vlan6 - Group 0
State is Active
7 state changes, last state change 00:15:27
Virtual IP address is 192.168.52.1
Active virtual MAC address is 0000.0c07.ac00
Local virtual MAC address is 0000.0c07.ac00 (v1 default)
Hello time 3 sec, hold time 10 sec
Next hello sent in 0.492 secs
Active router is local
Standby router is 192.168.52.254, priority 100 (expires in 7.945 sec)
Priority 100 (default 100)
Track interface GigabitEthernet1/0/1 state Up decrement 50
IP redundancy name is "hsrp-Vl6-0" (default)
vlan config on core router
ip address 192.168.53.254 255.255.254.0
ip access-group 160 out
ip pim sparse-mode
standby ip 192.168.52.1
standby track GigabitEthernet1/0/1 50
i do have the IP address to ping allowed through the DMZ which is 10.20.20.4 on ACL 160
ive been searching, but coming up with nothing. i turn off anti-spoofing on the insdie interface, i dont get errors, but packets do not reach my destination, and i get no ASA logs.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...