Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
210
Views
0
Helpful
2
Replies

ASA traffic flow question

Go to solution
andrewswanson
Level 7
Level 7

‎12-09-2015 08:59 AM - edited ‎03-12-2019 12:01 AM

Hello

I have an edge ASA 5585-X SSP 20 (asa915-smp-k8.bin) which currently has SSL VPN enabled on the Outside interface for use by clients outside. I've been asked to move the termination of SSL VPN for Outside clients onto another ASA interface but I'm running into the same kind of issue highlighted in th following thread:

https://supportforums.cisco.com/discussion/11708986/should-inside-host-be-able-ping-asa-dmz-interface-ip

In the thread someone states that:

"traffic going to a distant, far-end interface will not be accepted by the ASA"

Is it the case that the traffic entering an ASA on one interface cannot be destined for the IP address of another ASA interface?

Thanks
Andy

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-09-2015 09:01 AM

Yes that is the case (except for some corner case exceptions for ASA management).

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎12-09-2015 09:01 AM

Yes that is the case (except for some corner case exceptions for ASA management).

0 Helpful

Go to solution
andrewswanson
Level 7
Level 7
In response to Marvin Rhoads

‎12-09-2015 09:03 AM

Thanks for the prompt response Marvin

Cheers

Andy

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card