4763 Views | 0 Helpful | 16 Replies

ASA - implicit deny issue

CSCO12047997
Level 1

I am having issues with a new ASA deployment.

I have an inside interface connected and routing into my network (I can ping pretty much everything I need to).  The issue is the return traffic.  All return traffic seems to be being blocked despite the fact I have an ACL rule explicitly allowing it.

When I ran the packet tracer tool, it told me my implicit deny rule was blocking the traffic, but why would that be the case if I have a rule specifically allowing this traffic?

Since ACL rules are read in order, shouldn't this traffic never even reach the implicit deny?

Thanks.

16 Replies

Did this.  Made no difference.

I see no rules that would allow 10.20.0.13 -> 10.20.0.200 ICMP traffic whatsoever in your configuration that you provided.  The packet-tracer is working correctly.
