cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
194
Views
0
Helpful
1
Replies

ASA Dropping Packets destined to internal router from internal network

toddjustice
Beginner
Beginner

Hi guys,

 

I'm beating my head.  I have this working perfectly at one site, and it won't work at another.

Scenario:

Site has a new external vendor coming in.  Vendor has installed a router on the internal network going to 172.16.207.187/32 (on the other end).  Internal interface of said router is 10.16.135.4/24.  Internal interface of ASA (router of last resort on network) is 10.16.135.1/24.  I have added a static route on the ASA to point any traffic destined for 172.16.207.187/32 to 10.16.135.4.  The ASA is dropping the packet.  Packet tracer is stating the packet matches the implicit deny rule.

 

ASA 5512-X and is v9.0.3.  I have another site with an ASA 5505 v9.0.3 and this works PERFECTLY without any config change.

 

I have tried adding ACLs from the internal network to the remote IP and the ASA never matches the traffic.

Ideas?  Thoughts?

1 Reply 1

Henrik Grankvist
Enthusiast
Enthusiast

Hi

Post your config and a picture of the topology.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers