Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
506
Views
0
Helpful
2
Replies

Checkpoint and ASA

Go to solution
swashbuckler
Level 1
Level 1

‎03-06-2014 07:48 AM - edited ‎03-11-2019 08:54 PM

Inside I have 2 networks: 10.10.x.x and a 10.199.x.x

My ASA interfaces was the following:

E0/0 Public IP

E0/1 10.199.1.2/24

E0/2 10.10.144.47/22

I put a checkpoint in front of the ASA and changed to the following:

Checkpoint Ext. 10.10.144.47/22

Checkpoint Int. 192.168.1.1/30

ASA E0/1 10.199.1.2/24

ASA E0/2 192.168.1.2/30

Now I am having trouble talking between the networks 10.199.x.x and 10.10.144. x

I have attached ASA config.

Thanks in advance on any help provided

Labels:
15377227-ASA.txt.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎03-07-2014 12:58 AM

Hi,

So if I am looking correct then the "insideNOV" interface leads to the Checkpoint which has the other LAN network behind it?

The interface ACL for the interface is not really clear to me as it contains a lot of "name" and "object-group" references which are not mentioned. It seems though that on multiple occasions you have referenced the NOV network as the destination. Should this not be the source network as that network is located behind that interface?

Also with regards to the routing you have only shared your Default Route in the configuration.

Do you have a route for the NOV network towards "insideNOV" ?

route insideNOV 10.10.144.0 255.255.252.0 192.168.1.1

Does the Checkpoint have the appropriate routing and other configurations to allow the traffic?

- Jouni

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎03-07-2014 12:58 AM

Hi,

So if I am looking correct then the "insideNOV" interface leads to the Checkpoint which has the other LAN network behind it?

The interface ACL for the interface is not really clear to me as it contains a lot of "name" and "object-group" references which are not mentioned. It seems though that on multiple occasions you have referenced the NOV network as the destination. Should this not be the source network as that network is located behind that interface?

Also with regards to the routing you have only shared your Default Route in the configuration.

Do you have a route for the NOV network towards "insideNOV" ?

route insideNOV 10.10.144.0 255.255.252.0 192.168.1.1

Does the Checkpoint have the appropriate routing and other configurations to allow the traffic?

- Jouni

0 Helpful

Go to solution
swashbuckler
Level 1
Level 1
In response to Jouni Forss

‎03-07-2014 09:21 AM

Jouni,

Thanks so much, I was forgeting the insideNOV inside the command.

Thanks again,

Bobby

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card