07-19-2009 11:16 AM - edited 03-11-2019 08:56 AM
Hi all,
2 ASA5520 (active/standby). I have 10 VLANs, all with same security level (100) they are all internal networks, I them to talk each other without NAT but I'm getting a strange behaviour, I have a NAT dynamic so they can get to the Internet and a NAT EXEMPT when the traffic needs to go to the other VLANs. The strange thing is that I have "SYN Timeout" to some machines on TCP traffic but I always have ICMP connectivity. Accessing from one VLAN to the other can give me access to one machine without problem and no TCP connections to another on the same VLAN.
Any advise?
Regards
07-21-2009 09:54 AM
you also configured same security traffic?
same-security-traffic permit inter-interface
07-22-2009 05:38 AM
Hi,
Yes, I have enabled inter-interface traffic and for some machines it works but not for others (only on TCP traffic) because with ICMP it always works.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide