hi Ajay,The security appliance does not allow any traffic unless it is
explicitly permitted by an extended access list.
--Mujtaba Bashir
> Date: Tue, 23 Jun 2009 11:20:22 +0530
> Subject: permit rip/eigrp on inside interface of ASA?
> From: ajaymehra01_at_gmail.com
> To: ccielab_at_groupstudy.com
>
> Hi,
>
> Is this a known issue with ASA? Eigrp and rip packets are not allowed to
> enter inside interface of Transparent Firewall until explicitly permitted.
>
> %ASA-3-106010: Deny inbound protocol 88 src inside:150.100.3.254 dst
> outside:224
> .0.0.10
>
> %ASA-2-106006: Deny inbound UDP from 150.100.1.254/520 to 224.0.0.9/520 on
> inter
> face inside
>
>
> After I enable "access-list INSIDE per ip an an" everything worked.
>
> Although I have not got a chance to test this with Routed firewall but I
see
> this problem always with Transparent firewall.
>
>
>
> Thanks
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
Received on Tue Jun 23 2009 - 06:07:49 ART
This archive was generated by hypermail 2.2.0 : Wed Jul 01 2009 - 20:02:37 ART