cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1024
Views
0
Helpful
0
Replies

ASA5505 can't access different vlans

cyyuen2000
Level 1
Level 1

Hi,

 

The ASA has Security Plus license and I config below two vlans with same security level, why they can't ping each others?

 

ASA Version 9.2(4)

 

This platform has an ASA 5505 Security Plus license.

 

interface Vlan1
nameif inside
security-level 100
ip address 192.168.15.1 255.255.255.0

 

interface Vlan30
nameif WestEnd
security-level 100
ip address 192.168.30.1 255.255.255.0

 

same-security-traffic permit inter-interface

 

Packer-tracer result ... below , they are in the same ASA and 

 

packet-tracer input inside icmp 192.168.15.1 8 0 192.168.30.1

Phase: 1
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
in 192.168.30.1 255.255.255.255 identity

Phase: 2
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
in 192.168.15.1 255.255.255.255 identity

Result:
input-interface: inside
input-status: up
input-line-status: up
output-interface: NP Identity Ifc
output-status: up
output-line-status: up
Action: drop
Drop-reason: (rpf-violated) Reverse-path verify failed

 

Thank you

 

 

 

 

0 Replies 0
Review Cisco Networking for a $25 gift card