04-19-2012 02:49 AM - edited 03-11-2019 03:55 PM
Dear All,
We are going to impliment Spectrum (CA) in my network,i have ASA-5580-20 firewall now my spectrum server want to communicate with firewall,then only it will discover the firewall logs.
Now the problem is my spectrum server is in MZ zone(10.10.10.45) security leval is 70 and my inside interface(10.20.20.101) security leval is 100.
Iam unable to ping from spectrum server to firewall because of high security leval.
How can i solve this problem,can i change my inside security leval to 69 then i think it will ping.
Please give ur valuble suggessions on this.
Srini
Solved! Go to Solution.
04-19-2012 02:55 AM
Hi Dhani,
It is a security feature of the ASA appliance, you would not be able to ping remote interfaces, which means if your machine is on the DMZ interface, then you can only ping the DMZ interface from there, no other interface would be pingable.
It is valid for pings, ssh,telnet or ASDM access. You would only be able to access the firewall on the interface behind which you are connected.
Moreover, if you have any machine connected behind the inside interface, then you can ping it using NAT and ACL.
Hope this would be helpful.
Thanks,
Varun
04-19-2012 02:55 AM
Hi Dhani,
It is a security feature of the ASA appliance, you would not be able to ping remote interfaces, which means if your machine is on the DMZ interface, then you can only ping the DMZ interface from there, no other interface would be pingable.
It is valid for pings, ssh,telnet or ASDM access. You would only be able to access the firewall on the interface behind which you are connected.
Moreover, if you have any machine connected behind the inside interface, then you can ping it using NAT and ACL.
Hope this would be helpful.
Thanks,
Varun
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide