02-09-2015 09:01 AM - edited 03-11-2019 10:28 PM
ASA is dropping all traffic to the interfaces.
Routing is fine as traffic FROM the ASA reaches anywhere needed fine.
Via the packet capture it can be seen that the implicit deny rule is blocking traffic. I have added an any-any rule (as this is testing) yet still I can see via packet capture that the implicit deny is blocking traffic. I am not sure why this is happening. I have associated the access-lists to the correct interfaces yet all traffic is being dropped.
02-09-2015 09:59 AM
Hi
Do not associate the access-list to the inside interface at all and report back. Please do this and report back the following:
show route
show nat
show run nat
show xlate
show run access-list
show access-list
Also, it would help us if you shared the running config.
02-09-2015 01:16 PM
Unassociated the access-list - made no difference.
02-09-2015 01:17 PM
Turns out the issue was a NAT created directly with an interface which drops all traffic.
02-09-2015 01:27 PM
OK. Is it all working now?
02-09-2015 01:33 PM
Yeah, it seems to be working now, once I reconfigured that specific NAT.
02-09-2015 01:35 PM
Good. If you don't mind, can you let me know which one?
02-09-2015 01:39 PM
Of course, it was the following:
static (outside,inside) interface VPN_Tunnel-NAT netmask 255.255.255.255
02-09-2015 01:50 PM
Thanks for that. I'm glad it's all sorted.