Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1382
Views
0
Helpful
13
Replies

ASA isn't Routing Traffic

Go to solution
tsetsetsetsetsetset
Level 1
Level 1

‎10-15-2017 02:52 PM - last edited on ‎02-21-2020 11:34 PM by Community Manager

I've spun up an ASA in packet-tracer and I've set up some device as shown below:

 

PC A - 192.168.1.2

ASA - 192.168.1.1 / 172.16.1.1

PC B - 172.16.1.2

 

Both PCs are able to ping the ASA but can't get to each other. I've set an all ICMP ACL so I would think I'm good to go. I'll post the ASA config below:

 

 

: Saved
:
ASA Version 8.4(2)
!
hostname ciscoasa
names
!
interface Ethernet0/0
!
interface Ethernet0/1
 switchport access vlan 2
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
interface Vlan1
 nameif inside
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
interface Vlan2
 nameif outside
 security-level 50
 ip address 172.16.1.1 255.255.255.0
!
!
!
access-list all extended permit tcp any any
access-list all extended permit icmp any any
!
!
access-group all in interface inside
access-group all in interface outside
access-group all out interface inside
access-group all out interface outside
!
!
!
group-policy test internal
!
!
!
!
telnet timeout 5
ssh timeout 5
!
dhcpd auto_config outside
!
!
dhcpd address 192.168.1.5-192.168.1.36 inside
dhcpd enable inside

 

Can anyone see what the issue is?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Flavio Miranda
VIP
VIP
In response to tsetsetsetsetsetset

‎10-15-2017 04:55 PM

Hello @tsetsetsetsetsetset

 

Your problem is a Typo on the PC with IP address 192.168.1.2. You put 192.158.1.2.

 Correct that and will be ok. I could ping from both side with no problem.

 

-If I helped you somehow, please, rate it as useful.-

View solution in original post

0 Helpful
13 Replies 13

Go to solution
Flavio Miranda
VIP
VIP

‎10-15-2017 03:26 PM

Hello @tsetsetsetsetsetset

 

Please, share your Packet Tracer file. You can go to "File" tab and Save As PKZ.

After that save file in your machine, rename it as file.pkz.txt and attach here.

 This is the easiest way to help you.

Waiting for you file.

 

-If I helped you somehow, please, rate it as useful.-

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni

‎10-15-2017 03:41 PM

Hi

 

Your config seems ok.

Can you share the output of the following command:

packet-tracer input inside icmp 192.168.1.2 8 0 172.16.1.2

 


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
tsetsetsetsetsetset
Level 1
Level 1
In response to Francesco Molino

‎10-15-2017 03:51 PM

I tried this initially. Doesn't seem Packet Tracer lets you use the packet-tracer command, unless I'm doing something wrong.

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to tsetsetsetsetsetset

‎10-15-2017 03:53 PM

if you copy/paste the command I sent it has to work.
Can you have a try and let us know?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
Flavio Miranda
VIP
VIP
In response to tsetsetsetsetsetset

‎10-15-2017 04:00 PM

Packet Tracert  ASA has not the same command as real ASA.

 Send me you pkz file as I said and let me take a look.

 

 

 

-If I helped you somehow, please, rate it as useful.-

0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to tsetsetsetsetsetset

‎10-15-2017 04:03 PM

Sorry I missed you were talking about Packet Tracer simulator tool. I get confused. Yeah, you're right this command won't work.
As Flavio said, share the pkt file to take a look at it.


Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
tsetsetsetsetsetset
Level 1
Level 1
In response to Francesco Molino

‎10-15-2017 04:04 PM - edited ‎10-15-2017 04:05 PM

Had to upload as a tar because there are file extension restrictions. Should be able to change the extension back to pkz and open.

asa routing.tar
0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to tsetsetsetsetsetset

‎10-15-2017 04:33 PM

I'm sorry but I only have packet tracer 5.3 and your file can't be opened in my software version.
Can you share a link where I can download the same software version as yours to be able to help you out?

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
Francesco Molino
VIP Alumni
VIP Alumni
In response to tsetsetsetsetsetset

‎10-15-2017 04:51 PM

Which version you used? I have downloaded 7.1 and still not working

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
0 Helpful

Go to solution
Flavio Miranda
VIP
VIP
In response to tsetsetsetsetsetset

‎10-15-2017 04:55 PM

Hello @tsetsetsetsetsetset

 

Your problem is a Typo on the PC with IP address 192.168.1.2. You put 192.158.1.2.

 Correct that and will be ok. I could ping from both side with no problem.

 

-If I helped you somehow, please, rate it as useful.-

0 Helpful

Go to solution
tsetsetsetsetsetset
Level 1
Level 1
In response to Flavio Miranda

‎10-15-2017 05:07 PM

That was it, typo on the gateway. Next time instead of assuming I did something wrong I'll take a another look...
0 Helpful

Go to solution
Flavio Miranda
VIP
VIP
In response to tsetsetsetsetsetset

‎10-15-2017 05:11 PM

That happens man. Keep up!!

 

 

 

 

 

-If I helped you somehow, please, rate it as useful.-

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card