I have an ASA 5512 configured as below:
g0/0 : outside ---> security 0, connects to the internet via GW router, private IP /30, no NAT (NAT occurs on the GW router)
g0/1 : inside1 ---> security 100, connects directly to LAN 10.x.x.x
g0/2 : inside2 ---> security 100, connects to another router, let's call it router-X, using a /30 private IP, and behind that router is another LAN in segment 192.168.x.x
I configured via ASDM and have enabled the option "Enable traffic between two or more interfaces which are configured with the same security level"
Routing in ASA:
outside, 0.0.0.0 0.0.0.0 (GW router IP)
inside2, 192.168.0.0 255.255.0.0 (router-X IP)
Everything works as it should: I can go from either inside1 or inside2 to the internet, and I can also access between segments 10.x.x.x <-> 192.168.x.x under normal conditions.
But there was this one incident where the internet connection was down (on the provider side), so I could not access the internet, but at the same time I also could not access the other inside interface (I could not access 192.168.x.x from 10.x.x.x). This is so weird to me; the inter-segment connection should still be working even without the internet, shouldn't it?
And as soon as the internet connection is up and active again, the inter-segment connection also comes up again.
What did I do wrong?
Please help me, this is an existing and active production network in my office so I can't just do trial-and-error here.
Any help will be highly appreciated... thanks!

That is weird! I can't think of a reason unless we know how routing for both segments is working on router X.

There's nothing fancy in router X routing, only a static route:
- ip route 0.0.0.0 0.0.0.0 (ASA g0/2 IP)
This problem has occurred again today, and this time all the hosts are showing a "destination host unreachable" message from their own IP.