Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
308
Views
0
Helpful
2
Replies

Inter Vlan Routing (Cisco ASA)

Atasawar1
Level 1
Level 1

‎08-13-2017 03:25 PM - edited ‎03-12-2019 02:48 AM

I have multiple Vlans on Cisco ASA. 

All of them have same security level. I have configured same-security-traffic permit inter-interface however still users of Vlan x are not able to ping users in Vlan y. 

If someone can help me out how to enable communication between same security level interfaces. 

Thanks in Advance. 

Labels:
0 Helpful
2 Replies 2

Aditya Ganjoo
Cisco Employee
Cisco Employee

‎08-13-2017 10:23 PM

Hi,

Can you share the packet tracer output of any two VLAN's?

Also, do you have any NAT config for the VLAN's?

Regards,

Aditya

Please rate helpful and mark correct answers

0 Helpful

Mohammad Alhyari
Cisco Employee
Cisco Employee

‎08-14-2017 02:30 AM

Follow this approach 

1- packet captures 

https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/118097-configure-asa-00.html

2- packet tracer 

https://supportforums.cisco.com/document/29601/troubleshooting-access-problems-using-packet-tracer

3- asp drop captures 

cap asp type asp drop all

test and then show cap asp | i your ip

4- logging 

logging buffered debugging 

test and then show logging | i ip

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card