Hi experts,
Problem:
The network behind the wireless is 10.0.0.0/24, unable to access from the ASA-defined
DHCP network 192.168.1.0/24.
Topology:
Wireless access point WAN port --> ASA inside switchport VLAN 1
On the ASA, set a static route to say 10.x is behind 192.168.1.7 (which is the
address of the WAN port of the wireless access point; pings fine from the ASA,
and traffic from the 10.x range is able to get out to the internet fine):
route inside 10.0.0.0 255.255.255.0 192.168.1.7
S 10.0.0.0 255.255.255.0 [1/0] via 192.168.1.7, inside
But ping fails:
ciscoasa(config)# ping 10.0.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds:
?????
Success rate is 0 percent (0/5)
Using the ASDM packet tracer facility, it shows that it is trying to ping
from inside to outside interface; it fails due to acl-rule,
but on the ASA I am not seeing it here:
ciscoasa(config)# show access-list
access-list cached ACL log flows: total 0, denied 0 (deny-flow-max 4096)
alert-interval 300
Problem is this probably a private VLAN scenario, as I have a network within
a network on my inside interface, so the packet trace going from inside to
outside is wrong.
Any advice would be great.
Received on Tue Jul 17 2012 - 09:21:09 ART