07-19-2009 11:16 AM - edited 03-11-2019 08:56 AM
Hi all,
2 ASA5520 (active/standby). I have 10 VLANs, all with same security level (100) they are all internal networks, I them to talk each other without NAT but I'm getting a strange behaviour, I have a NAT dynamic so they can get to the Internet and a NAT EXEMPT when the traffic needs to go to the other VLANs. The strange thing is that I have "SYN Timeout" to some machines on TCP traffic but I always have ICMP connectivity. Accessing from one VLAN to the other can give me access to one machine without problem and no TCP connections to another on the same VLAN.
Any advise?
Regards
07-21-2009 09:54 AM
you also configured same security traffic?
same-security-traffic permit inter-interface
07-22-2009 05:38 AM
Hi,
Yes, I have enabled inter-interface traffic and for some machines it works but not for others (only on TCP traffic) because with ICMP it always works.
Regards
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: