Cisco Support Community
New Member

Two directly connected subnets on ASA unable to communicate

Hello All, 

I am currently having an issue where two directly connected networks on an ASA are unable to communicate. 

ASA Ethernet 1 - 172.10.0.1 255.255.255.0 - Security level 100

ASA Ethernet 2 - 10.10.0.1 255.255.0.0 - Security level 50

Switch 1 - 172.10.0.2

Host 1 - 172.10.0.3

Host 2 - 10.10.0.10

Host 1 is unable to ping or access Host 2. Host 1 is also unable to ping the Ethernet 2 - 10.10.0.1 interface.

Should I have to enter a route or NAT command? Any other thoughts?

3 REPLIES
New Member

By default, the ASA will block traffic from a lower security interface to a higher security interface. You need to create a firewall rule for the traffic coming from the lower security interface and also need to enable the ICMP inspect on the service policy.

New Member

Thanks Kannan, but Host 1 is security level 100 and Host 2 is security level 50. I am able to ping Host 2 from the firewall though.

Bronze

First, test if you can ping both hosts from the firewall. Check the rules, and do you have nat-control on the firewall?
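
The checks suggested in the replies above (ICMP inspection, rules, nat-control), written out as an ASA CLI sequence. This is an added example, not part of the original thread; the interface name `inside` for Ethernet 1 is an assumption, since the post gives no `nameif` values, and `global_policy` / `inspection_default` are the factory-default policy names.

```cisco
! Constructed example. "inside" is an assumed nameif for Ethernet 1
! (172.10.0.1, security level 100); substitute the real interface name.

! 1. Simulate the ICMP echo request (type 8, code 0) from Host 1 to Host 2.
!    The output lists each phase (route lookup, ACL, NAT, inspection) and
!    names the phase that drops the packet, if any.
packet-tracer input inside icmp 172.10.0.3 8 0 10.10.0.10 detailed

! 2. See whether nat-control is enabled (the command exists only on software
!    before 8.3). With nat-control on, traffic from a higher to a lower
!    security interface needs a matching NAT rule or it is dropped.
show running-config nat-control

! 3. See whether ICMP is already inspected by the service policy.
show running-config policy-map

! 4. If "inspect icmp" is missing, add it. Echo requests from level 100 to
!    level 50 are allowed by default, but without ICMP inspection the echo
!    replies coming back into the level-50 interface have no session to
!    match and are dropped unless an ACL permits them.
configure terminal
 policy-map global_policy
  class inspection_default
   inspect icmp
 end

! Note: the ASA does not answer pings addressed to an interface other than
! the one the packet arrived on, so Host 1 pinging 10.10.0.1 through
! Ethernet 1 fails by design and is not a useful test.
```

Re-run the `packet-tracer` command after any change; the final "Action" line shows whether the flow is now allowed.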
