cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
482
Views
0
Helpful
4
Replies

Cannot access internet throught ASA CX transparent mode

I had implement ASA CX on transparent mode, at first on stateful the traffic looks well but after I had redirect the traffic to the cxsc module via Inspection rule, the traffic can't access to the internet

 

ASA version : 9.1.3

PRSM version : 9.2.1.2

mode : transparent

 

Interface

BVI1 : Enable

gi0/0 : outside, enable, security level 0, group BVI 1

gi0/1 : inside, enable, security level 100, group BVI 1

 

policy : Source : Any ==> Destination : Any ==> Service : IP (ASDM), any (PRSM)==> Action : Allow ( On both ASDM and PRSM )

 

 

 

 

 


 

4 Replies 4

vishaw jasrotia
Level 1
Level 1

Please share your ASA inspection conifguration .

and sh module CX detail output.

Hi vishaw1986

the output of the command is

 

Card Type:          ASA CX5525 Security Appliance
Model:              ASA CX5525
Hardware version:   N/A
Serial Number:      FCH180570M8
Firmware version:   N/A
Software version:   9.2.1.2
MAC Address Range:  18e7.28b6.1f8d to 18e7.28b6.1f8d
App. name:          ASA CX
App. Status:        Up
App. Status Desc:   Normal Operation
App. version:       9.2.1.2
Data Plane Status:  Up
Status:             Up
Mgmt IP addr:       10.10.50.192
Mgmt Network mask:  255.255.255.0
Mgmt Gateway:       10.10.50.254
Mgmt web ports:     443
Mgmt TLS enabled:   true


and I have attach the inspection policy and the running config

Regards,

S. Tinnakorn

Hello ,

Thanks for sharing the information.

Your configuration seems ok

can you please try this.

 

access-list 101 extended permit ip any any

class-map CX
 match access-list 101

policy-map CX
 class CX
 cxsc fail-open

service-policy  CX interface outside

 

Just creat a seperate policy map for CX

 

Thanks

 

Hi Vishaw1986,

Thank you for help, I will try to put this configuration and will inform the result ASAP.

 

Regards,

S. Tinnakorn

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: