ASA 5506x: cant ping outside from inside when connected behind two switches

maseno · ‎11-01-2017

hi! having a problem with ASA 5506x, I have configured the the firewall on transparent mode, am able to ping 8.8.8.8 on the firewall. I have several switches in my LAN, the problem is when I connect one switch directly to the firewall and connect a computer to the switch am able to ping 8.8.8.8 but when i connect all the switches to the core switch I can access the the net but I cant ping 8.8.8.8 from any host in the LAN. kindly help.

below is the simple configuration

interface BVI 1

ip address 192.168.50.9

interface gi 1/1

nameif outside

security- level 0

bridge group 1

no shut

interface gi 1/2

nameif inside

security- level 100

bridge group 1

no shut

policy-map global_policy

class inspection_default

inspect icmp

inspect icmp error

route outside 0.0.0.0 0.0.0.0 192.168.50.1

route inside 192.168.50.0 255.255.255.0 40.135.250.120

thank you.

Flavio Miranda · ‎11-01-2017

Hello @maseno

I'm trying to understand you problem. You said:

"when I connect one switch directly to the firewall and connect a computer to the switch am able to ping 8.8.8.8 but when i connect all the switches to the core switch I can access the the net but I cant ping 8.8.8.8 from any host in the LAN. kindly help."

The first part:

Where is the firewall connected?

Second part:

With all switches, what to you mean by net ? And on this scenario, you still have the firewall or is it the switches and core only?

Can you share the topology?

-If I helped you somehow, please, rate it as useful.-

maseno · ‎11-01-2017

Hi Flavio! attached is the topology, sorry for wrong use of words, it
should be internet instead of Net and the switch connected to the firewall
is a normal switch not a core switch. Hope am clear this time. Thank you.