I've got an ASA running 8.4
I'm trying to get a simple ACL to work, but I'm failing miserably. The core guts of my config are:
ip address 172.18.0.1 255.255.255.0
ip address 172.18.1.1 255.255.255.0
object network LAN_1_host
object network LAN_2_host
access-list LAN_1_access_in extended permit icmp any object LAN_2_host
access-group LAN_1_access_in in interface LAN_1
There are no other access-list or access-group commands. There are no NAT commands.
I cannot ping LAN_2_host from LAN_1_host.
I can ping both hosts from the ASA itself.
If I replace the ASA with a router, I can ping fine.
If I use the ASDM packet tracer, it tells me that the packet is being blocked by a default access list.
What am I missing to make this work ? I this case, I don't want to NAT, I just want to have a basic ACL.
Solved! Go to Solution.