I am having issue with pinging from one server on inside (Security level 100) to other subinterface (Security level 60). Server which is pinging is 10.74.20.56 and it is pinging to destination 10.128.4.33. and this 10.128.4.33 is natted to 192.168.14.131 (Destination NATing).
I have allowed icmp(1), snmp,snmp-trap,syslog towards 10.74.20.56.
Thnx for response, but problem is that when state inpection is enable it will add original address in statetable and return traffic will not match this state entry and will be denied. e.g
lets say ping source is 10.47.20.56 and destination is 10.128.4.33 and when packet hit interface , entry will be made to state table. and then destination address will be natted to 192.168.14.131, because i am having destination nat enable,. When packet returns back then source will be 192.168.14.131 and destination will be 10.47.20.56 and when this entry will not match to state entry it will be denied
But lets say if issue nat (0) for traffic coming from inside then i
will no be able to rach my servers, as servers real ip address is 192.168.14.131 and this address not reachable from inside.
So i will have to NAT this is the reason i did destination nat. Source 10.47.20.56 dest 10.128.4.33 and when packet arrives this way then destination will be NATed to 192.168.14.131. It will reach the destination i could see it capture, but on the way back they are dropped. I
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...