Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Two directly connected subnets on ASA unable to communicate

Hello All, 

I am currently having an issue where two directly connected networks on an ASA are unable to communicate. 

ASA Ethernet 1 - - Security level 100

ASA Ethernet 2 - - Security level 50

Switch 1 -

Host 1 -

Host 2 -

Host 1 is unable to ping or access Host 2.  Host 1 is also unable to ping the Ethernet 2 - interface. 

Should I have to enter a route or NAT command? Any other thoughts?



Everyone's tags (4)
New Member

By default ASA will block

By default ASA will block traffic from a lower security interface to a higher secuirt interface. You need to create a firewall rule for the traffic coming from lower security interface and also need to enable the ICMP inspect on the service policy

New Member

Thanks Kannan but Host 1 is

Thanks Kannan but Host 1 is security level 100 and host 2 is security level 50.  I am able to ping host 2 from the firewall though. 


first test if you can ping

first test if you can ping from the firewall both hosts. check the rules and do you have nat-control on the firewall?

CreatePlease to create content