Hi,

I'm checking the communication between the nodes connected to subinterfaces and physical ports. I can ping from the nodes connected to subinterfaces to the firewall but not from the nodes on the physical ports to the firewall. Please check my configurations below, and give me your comments on what I'm missing.

<ASA Firewall>
interface GigabitEthernet0/1
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/1.711
vlan 711
bridge-group 1
nameif inside_1
security-level 100
!
interface GigabitEthernet0/1.717
vlan 717
bridge-group 1
nameif inside_2
security-level 100
!
interface GigabitEthernet0/2
bridge-group 1
nameif outside_1
security-level 50
!
interface GigabitEthernet0/3
bridge-group 1
nameif outside_2
security-level 50
!
interface BVI1
no nameif
no security-level
ip address 10.89.109.201 255.255.255.0

object-group service DM_INLINE_SERVICE_1
service-object ip
service-object icmp
service-object icmp echo
object-group service DM_INLINE_SERVICE_2
service-object ip
service-object icmp
service-object icmp echo
object-group service DM_INLINE_SERVICE_3
service-object ip
service-object icmp
service-object icmp echo
object-group service DM_INLINE_SERVICE_4
service-object ip
service-object icmp
service-object icmp echo

access-group outside_2_access_in in interface outside_2
access-group inside_1_access_in in interface inside_1
access-group outside_1_access_in in interface outside_1
access-group inside_2_access_in in interface inside_2
access-list outside_tdi_access_in extended permit object-group DM_INLINE_SERVICE_1 any any
access-list inside_tdi_access_in extended permit object-group DM_INLINE_SERVICE_2 any any
access-list inside_dsm_access_in extended permit object-group DM_INLINE_SERVICE_3 any any
access-list outside_dsm_access_in extended permit object-group DM_INLINE_SERVICE_4 any any

<Inside Switch>
interface GigabitEthernet1/0/1
switchport access vlan 711
switchport mode access
!
interface GigabitEthernet1/0/2
switchport access vlan 717
switchport mode access
!
interface GigabitEthernet1/0/8
switchport trunk allowed vlan 711,717
switchport mode trunk

<Outside Switch>
interface GigabitEthernet1/0/1
switchport access vlan 711
switchport mode access
!
interface GigabitEthernet1/0/2
switchport access vlan 717
switchport mode access