
FTD 2120 -problem with traffic in DMZ

michael.busch67
Level 1

Hi, 

We're trying to implement a new FTD 2120 in our network. It should replace an old ASA 5505 (same IP addresses).

We tried it last weekend; it worked so far, but we had trouble with the traffic coming from a separate vpn-gw in the DMZ to our proxy server in the DMZ.

From the proxy it was possible to ping the vpn-client, but the vpn-client wasn't able to reach the proxy. The access control policies were set to go through while we tried to find the issue. On the FTD you didn't get any hit counts. The vpn-clients are able to reach all the servers in our network that could be reached without the proxy. I've painted a little sketch.

 

Any idea?

 

Best Regards

Michael

2 Replies

balaji.bandi
Hall of Fame

Make sure the proxy has a routing table.

 

BB


Hi BB,

I think when it is possible to reach the vpn-client via ping, then there is a route.

I've had a look at the proxy, there is a default route.

But the vpn-client itself cannot make a connection to the proxy.

Best Regards 

Michael
