https://community.cisco.com/t5/network-security/communication-between-two-inside-subnets/m-p/1622270#M596265 <HTML><HEAD></HEAD><BODY><P>Ok, so the router is performing the routing between VLANs. That means default gateway on each subnet is the router, hence if</P><P>each subnet needs to communicate with each other, the traffic will not be routed to the ASA. Only when those subnets need to access the Internet, the traffic will be routed towards the ASA.</P></BODY></HTML> Wed, 22 Dec 2010 01:12:23 GMT Jennifer Halim 2010-12-22T01:12:23Z https://community.cisco.com/t5/network-security/communication-between-two-inside-subnets/m-p/1622267#M596262 <P>Hi all,</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; I have two subnets in the inside network(inside interface connected to a router with different sunets). Packet tracer shows that the packet go the default route which means there is no NAT for the subnet?? I tried to add the following NAT rule which didn't work.</P><P></P><P>Subnets are 192.168.1.0/24 and 10.169.10.0/24</P><P></P><P>static (inside,inside)&nbsp; 10.169.10.0 10.169.10.0 netmask 255.255.255.0 tcp 0 0 udp 0</P><P></P><P>There is a route on the ASA for each of the subnets pointed to the directly connected router!</P><P></P><P></P><P>Thanks,</P><P></P><P>Jean Paul</P> Mon, 11 Mar 2019 19:26:09 GMT https://community.cisco.com/t5/network-security/communication-between-two-inside-subnets/m-p/1622267#M596262 Jean Paul Enerst 2019-03-11T19:26:09Z https://community.cisco.com/t5/network-security/communication-between-two-inside-subnets/m-p/1622268#M596263 <HTML><HEAD></HEAD><BODY><P>If the subnets are actually attached to your internal router, then the traffic between the 2 subnets won't/shouldn't even reach the ASA.</P><P></P><P>Can you share a topology diagram of the subnets? interested to know what is the ASA inside interface, and how are the 2 internal subnets actually connected, whether one is directly connected to the ASA inside interface, and the other is connected to the router, or both are actually connected directly to the router interfaces? configuration will be different depending on how they are actually connected.</P><P>Please also advise what is the default gateway of each subnet.</P></BODY></HTML> Wed, 22 Dec 2010 00:40:31 GMT https://community.cisco.com/t5/network-security/communication-between-two-inside-subnets/m-p/1622268#M596263 Jennifer Halim 2010-12-22T00:40:31Z https://community.cisco.com/t5/network-security/communication-between-two-inside-subnets/m-p/1622269#M596264 <HTML><HEAD></HEAD><BODY><P>Hi Jenn,</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ASA is connected to a switch which has different vlans and the router is connected to the same which.The router has a default route which send everyting to ASA. ASA and router share an IP subnets(directly connected), and the route is a route on the stick with many subinterface for different vlans.</P><P></P><P>Thanks,</P><P></P><P>Jean Paul</P></BODY></HTML> Wed, 22 Dec 2010 01:07:38 GMT https://community.cisco.com/t5/network-security/communication-between-two-inside-subnets/m-p/1622269#M596264 Jean Paul Enerst 2010-12-22T01:07:38Z https://community.cisco.com/t5/network-security/communication-between-two-inside-subnets/m-p/1622270#M596265 <HTML><HEAD></HEAD><BODY><P>Ok, so the router is performing the routing between VLANs. That means default gateway on each subnet is the router, hence if</P><P>each subnet needs to communicate with each other, the traffic will not be routed to the ASA. Only when those subnets need to access the Internet, the traffic will be routed towards the ASA.</P></BODY></HTML> Wed, 22 Dec 2010 01:12:23 GMT https://community.cisco.com/t5/network-security/communication-between-two-inside-subnets/m-p/1622270#M596265 Jennifer Halim 2010-12-22T01:12:23Z