08-12-2020 11:06 AM
I have recently configured an Azure to ASA site-to-site policy-based VPN. Devices on the inside subnet can reach the Azure subnet. But when I try to ping the Azure subnet from the ASA, it fails. This makes LDAP authentication fail, since the ASA can't reach the LDAP server on the Azure subnet. I executed a traceroute to the Azure subnet; it ends up heading out of the outside interface, not the VPN tunnel.
08-12-2020 11:17 AM
08-12-2020 11:53 AM
08-12-2020 11:58 AM
08-12-2020 12:01 PM
08-12-2020 12:18 PM
08-12-2020 12:22 PM
08-12-2020 12:42 PM
08-12-2020 01:00 PM
08-12-2020 07:37 PM
Would this work?
My outside interface of ASA is 103.31.114.116
Azure subnets are: 10.0.0.0, 10.0.1.0
access-list Azure-acl line 2 extended permit ip object 103.31.114.116-ASA-OUTSIDE object-group Azure-NET (hitcnt=0) 0x306ca30a
access-list Azure-acl line 2 extended permit ip host 103.31.114.116 10.0.0.0 255.255.255.0 (hitcnt=0) 0x3eeca94b
access-list Azure-acl line 2 extended permit ip host 103.31.114.116 10.0.1.0 255.255.255.0 (hitcnt=0) 0xcd0de5a4