Hey guys. I posted a few months back about an FPR issue I was having. I had an inside interface 192.168.1.1 and my outside 100.1.1.1. No NAT. Not going out to the internet. I wasnt able to ping from outside in. So I made an acl:

access-list OUT-IN extended permit ip 100.1.1.0 255.255.255.0 192.168.1.0 255.255.255.0

access-group OUT-IN in interface OUTSIDE

access-list IN-OUT extended permit ip 192.168.1.0 255.255.255.0 100.1.1.0 255.255.255.0

access-group IN-OUT in interface INSIDE

That fixed the issue. However, now on the FPR I configured the inside interface as subinterfaces. THis is my config now:

access-list OUT-IN extended permit ip 100.1.1.0 255.255.255.0 192.168.1.0 255.255.255.0

access-group OUT-IN in interface OUTSIDE

access-list IN-OUT extended permit ip 192.168.1.0 255.255.255.0 100.1.1.0 255.255.255.0

access-list IN-OUT extended permit ip 192.168.2.0 255.255.255.0 100.1.1.0 255.255.255.0

access-group IN-OUT in interface INSIDE1 (sub-interface 1)

access-group IN-OUT in interface INSIDE2 (sub-interface 2)

And this doesnt work. I am not able to ping from the outside to any subinterfaces or internal PCs. Im using eve-ng btw. I was thinking maybe its the asa image?