Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Traffic through management interface of ASA

Hi,

We have a VPN tunnel between an ASA and cisco IOS router (remote site IP 10.14.0.0. /16 ).

We would like to monitor the remote site hosts from our management segment.

Our management segment is separated from the ASA via a Checkpoint FW.

Management interface : 10.0.252.1 /29

Management subnet : 62.233.5.0 /24

Pinging from a host on the network 10.0.252.x to 10.14.0.0 /16 works fine but when we try to ping from 62.223.5.0 to 10.14.0.0 /16 it fails.

I did a capture on the management interface and I see my packets coming in. Also my acl shows a hit on the ICMP packets .I also enabled logging on this ACL but in my logging I don't see anything.

It seems that the ASA justs drop the packets....

My question is : Had anybody had this problem before ? Can a management interface route any traffic or will he just drop it ?

PS: It is possible to configure the management interface for management-only but I disabled this .

gr

wim

1 REPLY
Silver

Re: Traffic through management interface of ASA

113
Views
0
Helpful
1
Replies