Cisco FTD blocking inside traffic

Arild Andersen
Level 1

In our test environment we have tried to activate our Cisco FTD 6.2.2.1, but we have one recurring problem: the FTD keeps blocking traffic that goes between hosts on the same inside network. When we check the connection log we see that it hits the "Default Action, Monitor Policy" rule. We have also tried to enable a Trust and Allow between inside (source) and inside (destination), but it still blocks the traffic with the Default Action as mentioned above.

And as a last resort we tried to add a Prefilter rule with Fastpath to make sure that the FTD does not inspect traffic on the inside network, but still the same result as above.

Anyone got some tips on what I'm doing wrong or what I should check?

15 Replies

Marvin Rhoads
Hall of Fame

That's certainly odd. You do have your default IPS policy set for something like "Balanced Security and Connectivity" (vs. block all traffic) right?


What does packet-tracer tell you? e.g.:


packet-tracer input inside tcp <some inside host address> 1025 <some other inside host address> 80 detailed
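To act on the packet-tracer output suggested above, here is an added example (my own, not code from the thread or from Cisco) that parses a trace into its phases and reports which phase dropped the packet and which configured ACL lines it matched. The sample trace inside the block is constructed by hand to follow the ASA/FTD packet-tracer layout (numbered "Phase:" blocks followed by a final "Result:" summary); its ACL name, policy name and rule-id are invented placeholders, not the poster's configuration.

```python
"""Parse Cisco ASA/FTD packet-tracer output and find the dropping phase.

Added example, not from the thread or from Cisco. The trace below is
constructed to follow the packet-tracer layout; names and ids are made up.
"""
from dataclasses import dataclass, field
from typing import List, Optional

# Constructed sample (not from a real device): the route lookup allows,
# then the access-control phase drops on the policy's default action.
SAMPLE_TRACE = """\
Phase: 1
Type: ROUTE-LOOKUP
Subtype: Resolve Egress Interface
Result: ALLOW
Config:
Additional Information:
found next-hop 10.10.10.20 using egress ifc  inside

Phase: 2
Type: ACCESS-LIST
Subtype: log
Result: DROP
Config:
access-group EXAMPLE_ACL global
access-list EXAMPLE_ACL advanced deny ip any any rule-id 100 event-log flow-start
access-list EXAMPLE_ACL remark rule-id 100: ACCESS POLICY: Example-Policy - Default
access-list EXAMPLE_ACL remark rule-id 100: L4 RULE: DEFAULT ACTION RULE
Additional Information:

Result:
input-interface: inside
input-status: up
output-interface: inside
output-status: up
Action: drop
Drop-reason: (acl-drop) Flow is denied by configured rule
"""


@dataclass
class Phase:
    number: int
    type: str = ""
    subtype: str = ""
    result: str = ""
    config: List[str] = field(default_factory=list)  # lines under "Config:"


@dataclass
class Trace:
    phases: List[Phase]
    action: Optional[str]       # "allow"/"drop" from the summary block
    drop_reason: Optional[str]  # "Drop-reason:" from the summary block

    def dropping_phase(self) -> Optional[Phase]:
        """First phase whose Result is DROP, or None if every phase allowed."""
        for phase in self.phases:
            if phase.result.upper() == "DROP":
                return phase
        return None


def _value(line: str) -> str:
    return line.split(":", 1)[1].strip()


def parse_packet_tracer(text: str) -> Trace:
    phases: List[Phase] = []
    current: Optional[Phase] = None
    section: Optional[str] = None
    action = drop_reason = None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Phase:"):
            current = Phase(number=int(_value(line)))
            phases.append(current)
            section = None
        elif line == "Result:":
            # A bare "Result:" opens the final summary, not a phase result.
            current = None
            section = None
        elif current is not None:
            if line.startswith("Type:"):
                current.type = _value(line)
            elif line.startswith("Subtype:"):
                current.subtype = _value(line)
            elif line.startswith("Result:"):
                current.result = _value(line)
            elif line == "Config:":
                section = "config"
            elif line == "Additional Information:":
                section = "info"
            elif section == "config" and line:
                current.config.append(line)
        elif line.startswith("Action:"):
            action = _value(line)
        elif line.startswith("Drop-reason:"):
            drop_reason = _value(line)
    return Trace(phases, action, drop_reason)


def summarize(trace: Trace) -> str:
    """One-line verdict: where the packet died and how many ACL lines matched."""
    phase = trace.dropping_phase()
    if phase is None:
        return f"allowed through {len(trace.phases)} phases (Action: {trace.action})"
    rules = [c for c in phase.config if c.startswith("access-list")]
    return (f"dropped in phase {phase.number} ({phase.type}): "
            f"{trace.drop_reason}; matched {len(rules)} ACL line(s)")


if __name__ == "__main__":
    trace = parse_packet_tracer(SAMPLE_TRACE)
    print(summarize(trace))
    for cfg in (trace.dropping_phase() or Phase(0)).config:
        print("  ", cfg)
```

Paste the real output of the `detailed` run in place of SAMPLE_TRACE and read the Config lines of the dropping phase: the remark lines there name the access control policy and the rule (or default action) that matched, which separates an access-control-policy block from a prefilter, NAT or routing problem. If the trace is allowed while real traffic still fails, the traffic may not be reaching the FTD the way the trace assumes; in routed mode, two hosts on the same subnet only pass through the firewall if it sits inline between them.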