11-30-2023 08:20 PM - edited 11-30-2023 08:26 PM
Hello Everyone,
So, I've been having issues with my ASA, with the host pinging, I'm only being able to get two replies or one reply back from its interface address. I can also ping the router, but I only get one reply back from the router or no response back. I don't know what could be going on.
So, here's the rundown. I have two PCs. Each one is connected to a separate interface on the ASA, which is G1/2 and G1/1. I also have a 1940 router connected to the G1/4 interface. Also, everything is on the same subnet.
Here's the configuration:
ciscoasa(config)#exit
ciscoasa#show run
: Saved
:
ASA Version 9.6(1)
!
hostname ciscoasa
names
!
interface GigabitEthernet1/1
nameif PC-2
security-level 100
ip address 10.210.200.5 255.255.255.0
!
interface GigabitEthernet1/2
nameif PC-1
security-level 100
ip address 10.210.200.4 255.255.255.0
!
interface GigabitEthernet1/3
no nameif
no security-level
no ip address
shutdown
!
interface GigabitEthernet1/4
nameif R-A
security-level 100
ip address 10.210.200.2 255.255.255.0
!
interface GigabitEthernet1/5
no nameif
no security-level
no ip address
shutdown
!
interface GigabitEthernet1/6
no nameif
no security-level
no ip address
shutdown
!
interface GigabitEthernet1/7
no nameif
no security-level
no ip address
shutdown
!
interface GigabitEthernet1/8
no nameif
no security-level
no ip address
shutdown
!
interface Management1/1
management-only
no nameif
no security-level
no ip address
shutdown
!
object network p1
subnet 10.210.200.0 255.255.255.0
nat (PC-1,R-A) dynamic interface
!
route R-A 0.0.0.0 0.0.0.0 10.210.200.1 1
!
access-list ip extended permit icmp any any
!
!
!
!
class-map inspection_default
match default-inspection-traffic
class-map inspection_def
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect icmp
inspect tftp
!
service-policy global_policy global
!
telnet timeout 5
ssh timeout 5
!
!
!
!
Solved! Go to Solution.
11-30-2023 08:37 PM
Friend asa is work like router not like sw'
You can not connect multi devices with same subnet to asa.
You need to assign different ip for each pc and router.
Also you need
Same secuirty traffic permit intra interface
Same secuirty traffic permit inter interface
MHM
11-30-2023 08:37 PM
Friend asa is work like router not like sw'
You can not connect multi devices with same subnet to asa.
You need to assign different ip for each pc and router.
Also you need
Same secuirty traffic permit intra interface
Same secuirty traffic permit inter interface
MHM
12-02-2023 11:04 AM
Thank you so much. I got it to work.
12-02-2023 11:07 AM
You are so welcome
Have a nice weekend
MHM
12-01-2023 03:16 AM
what model of ASA ?
why do you need same subnet in all the interface ? (what is the requirement ?)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide