Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1755
Views
0
Helpful
2
Replies

ASA5508x FTD via FMC cant ping to inside interface ip and no internet

Go to solution
Herald Sison
Level 3
Level 3

‎05-09-2022 09:17 PM - edited ‎05-09-2022 09:20 PM

Hi All,

Hope everyone is ok.

I have a problem with my setup for my Cisco ASA5508x FTD managed via FMC that cannot ping the inside interface IP from my local lan and cannot browse the internet, however if i ping 8.8.8.8 4.2.2.2 or any public ip from my cisco core switch i can get a positive ping results but still cannot ping and browse the internet from my laptop.

 

is there a problem with my basic setup or do i need to tweak something form the FMC.

 

here are some screencap of my basic configuration. i have a hard time finding some buttons and pages from the FMC since this is my first time using FMC to manage a cisco firewall and the CLI has changed because I prefer more on the traditional CLI and ASDM.

 

Also i am planning to clear or reset all the config on my FTD and FMC so i can start fresh but i am not confident on pressing the reset button on the hardware itself because i saw some forums saying it may break something on the hardware. if someone can give me an advise on how to do it safely without breaking the hardware itself.

 

my setup is simple, i have 2 outside WAN for failover and 1 inside LAN:

 

Outside Interface1:                                                                         

outside interface 1.jpg 

 

Outside Interface2:

outside interface 2.jpg

 

Static Routing Outside1:

StaticRoute1.jpg

 

Static Routing Outside2:

StaticRoute2.jpg

 

Access Control Policy:

Acess Control Policy.jpg

 

NAT Config:

NAT.jpg

 

and also i get this error a lot: 

does this affect to any functionality of the FTD?

 

111.jpg

 

 

I appreciate any advise from anyone. 

Thank you

Have a nice day ahead.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-10-2022 04:59 AM

Is your inside zone a single subnet? If not have you added a route for FTD to reach the gateway for the other subnets?

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎05-10-2022 04:59 AM

Is your inside zone a single subnet? If not have you added a route for FTD to reach the gateway for the other subnets?

0 Helpful

Go to solution
Herald Sison
Level 3
Level 3
In response to Marvin Rhoads

‎05-10-2022 08:00 PM

Hi Sir, yes i have multiple subnet but everything is working now, i just added a static route from inside interface to coreswitch gateway. but i have another problem now. i still cant ping the Firewall Inside interface IP which is 172.21.1.1. 

 

my coreswitch ip is 172.21.1.2 and my inside interface for my firewall is 172.21.1.1.

 

i tried pinging the coreswitch from FTD's CLI i am getting a successful ping but if i ping from coreswitch to FTD i get an RTO.

 

i am confused.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card