https://community.cisco.com/t5/network-security/traffic-between-two-internal-interface-asa/m-p/2573539#M205106 <P>I have ASA 5512 configured like below:</P><P>g0/0 : outside ---&gt; &nbsp;security 0, connect to the internet via GW router, private IP /30, no NAT (NAT is occur on the GW router)</P><P>g0/1 : inside1 ---&gt; security 100,&nbsp;connect directly&nbsp;to LAN 10.x.x.x</P><P>g0/2 : inside2 ----&gt; security 100, connect to another router, lets call it router-X&nbsp;using /30 private IP, and behind that router is another LAN in segment 192.168.x.x</P><P>I configured via ASDM and have enabled the option "Enable traffic between two or more&nbsp;interfaces which are configured with the same security level"</P><P>&nbsp;</P><P>Routing in ASA:</P><P>outside, 0.0.0.0 0.0.0.0 (GW router IP)</P><P>inside2, 192.168.0.0 255.255.0.0 (router-X IP)</P><P>&nbsp;</P><P>Everything works as it should, I can go either from inside1/inside2 to the internet, and I can also access between segments 10.x.x.x &lt;-&gt;&nbsp;192.168.x.x under normal condition</P><P>&nbsp;</P><P>But there is this one accident where the internet connection is down (on the provider side) so I cannot access the internet, but at the same time I also cannot access the other inside interface ( I cannot access 192.168.x.x from 10.x.x.x). this is so weird to me, the inter-segment connection&nbsp;should still be working even without the internet isn't it?</P><P>And as soon as the internet connection is up and active again, the inter-segment connection is also comes up again.</P><P>&nbsp;</P><P>What did I do wrong?</P><P>PLease help me, this is an existing and active production network&nbsp;in my office so i cant just do a trial-and-error here</P><P>Any help will be highly appreciated... thanks!</P> Tue, 12 Mar 2019 05:12:59 GMT randms2610 2019-03-12T05:12:59Z https://community.cisco.com/t5/network-security/traffic-between-two-internal-interface-asa/m-p/2573539#M205106 <P>I have ASA 5512 configured like below:</P><P>g0/0 : outside ---&gt; &nbsp;security 0, connect to the internet via GW router, private IP /30, no NAT (NAT is occur on the GW router)</P><P>g0/1 : inside1 ---&gt; security 100,&nbsp;connect directly&nbsp;to LAN 10.x.x.x</P><P>g0/2 : inside2 ----&gt; security 100, connect to another router, lets call it router-X&nbsp;using /30 private IP, and behind that router is another LAN in segment 192.168.x.x</P><P>I configured via ASDM and have enabled the option "Enable traffic between two or more&nbsp;interfaces which are configured with the same security level"</P><P>&nbsp;</P><P>Routing in ASA:</P><P>outside, 0.0.0.0 0.0.0.0 (GW router IP)</P><P>inside2, 192.168.0.0 255.255.0.0 (router-X IP)</P><P>&nbsp;</P><P>Everything works as it should, I can go either from inside1/inside2 to the internet, and I can also access between segments 10.x.x.x &lt;-&gt;&nbsp;192.168.x.x under normal condition</P><P>&nbsp;</P><P>But there is this one accident where the internet connection is down (on the provider side) so I cannot access the internet, but at the same time I also cannot access the other inside interface ( I cannot access 192.168.x.x from 10.x.x.x). this is so weird to me, the inter-segment connection&nbsp;should still be working even without the internet isn't it?</P><P>And as soon as the internet connection is up and active again, the inter-segment connection is also comes up again.</P><P>&nbsp;</P><P>What did I do wrong?</P><P>PLease help me, this is an existing and active production network&nbsp;in my office so i cant just do a trial-and-error here</P><P>Any help will be highly appreciated... thanks!</P> Tue, 12 Mar 2019 05:12:59 GMT https://community.cisco.com/t5/network-security/traffic-between-two-internal-interface-asa/m-p/2573539#M205106 randms2610 2019-03-12T05:12:59Z https://community.cisco.com/t5/network-security/traffic-between-two-internal-interface-asa/m-p/2573540#M205107 <P>Hi <SPAN class="fullname" itemprop="author"><A class="username" href="https://supportforums.cisco.com/users/randms2610" title="View user profile.">randms2610,</A></SPAN></P><P><SPAN class="fullname" itemprop="author">That is weird ! i can't think of a reason unless we know how routing for both segments is working on the router x.</SPAN></P><P><SPAN class="fullname" itemprop="author">Thank you</SPAN></P><P><SPAN class="fullname" itemprop="author">Murali</SPAN></P> Fri, 12 Dec 2014 14:03:51 GMT https://community.cisco.com/t5/network-security/traffic-between-two-internal-interface-asa/m-p/2573540#M205107 Murali 2014-12-12T14:03:51Z https://community.cisco.com/t5/network-security/traffic-between-two-internal-interface-asa/m-p/2573541#M205108 <P>Hello Murali,</P><P>there's nothing fancy in router X routing, only static route</P><P>- ip route 0.0.0.0 0.0.0.0 (ASA g0/2 IP)</P><P>&nbsp;</P><P>this problem has occur again today, and this time all the hosts are showing destination host unreachable message from their own IP</P><P>&nbsp;</P> Fri, 12 Dec 2014 15:45:15 GMT https://community.cisco.com/t5/network-security/traffic-between-two-internal-interface-asa/m-p/2573541#M205108 randms2610 2014-12-12T15:45:15Z