I would like to know how to use this command and any other related commands I need to make traffic enter and leave the same interface.
Basic network topology layout:
Internal network of ASA is 10.0.0.0/16
Networks inside the ASA I need to reach 172.16.2.0/24, 10.255.255.0/24, and 10.0.5.0/24
I executed the same-security interface permit intra-interface without any luck.
I then created a static (inside,inside) 10.0.0.0 10.0.0.0 and I'm able to ping 10.255.255.x/24 I made sure the access-list on the inside interface allow source 10.0.0.0/16 to reach 10.255.255.0/24. I also made sure NAT exemption is configured too for this one network I'm working with but when I try to perform a TCP session to a host (10.0.120.20) that uses the ASA as a default gateway (10.0.100.244) I get the message.
Sep 13 2009 15:27:11 ASA02 : %ASA-6-106015: Deny TCP (no connection) from 10.0.120.20/3389 to 10.255.255.20/1141 flags SYN ACK on interface insid
Can someone assist me with this configuration using the same-security interface permit intra-interface
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...