Re: unable to ping FWSM VLAN ip from different vlan in the same
Have you created access-list to allow traffic between the vlans? because once you name the vlan "inside" it will get a security-level 100, which will by default block everything from outside or from lower security-levels
*--* Please rate the useful post,its free ;) *--*
unable to ping FWSM VLAN ip from different vlan in the same FWSM
I am wondering where you are pinging the IP 10.20.20.1 from? Is it from the host 10.20.20.100?
If that is not working then add
icmp permit any DMZ1
Though to my understanding ICMP should work to the interfaces by default.
If you are trying to ping 10.20.20.1 from the network 10.100.100.0/24 then this wont work to my understanding. Cisco firewalls wont let you ping an interface IP address from behind another interface on the same firewall.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
[toc:faq]Introduction:This document describes details on how NAT-T
works.Background:ESP encrypts all critical information, encapsulating
the entire inner TCP/UDP datagram within an ESP header. ESP is an IP
protocol in the same sense that TCP and UDP are I...