cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2509
Views
0
Helpful
2
Replies

Packet Tracer vs Real world

bfisher33
Level 1
Level 1

I have attached a simple setup that I cannot get to work with real equipment. I used packet tracer as more of an illustration to explain the problem but it works in packet tracer. The equipment is not avail in packet tracer so I labeled what I have and the running configs are included. Basically factory ASA 5520 management interface plugged into a factory switch and 1 pc also plugged into the switch. Cannot ping from the ASA to the PC. But I can ping from the PC to the ASA. As a side effect the vlan1 interface on the switch picked up the dhcp assignment and I can ping the switch from the ASA or the PC no problem. I know it is something painfully simple that I am overlooking but I just cannot figure it out. This was a much more complicated setup that I tried and tried to get it to work. Finally I just went as simple as I could to find out the problem and will build on it after I get an answer. I have tried access-lists in and out permitting everything but it just will not work.

2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

 

If you can ping from the PC to the ASA but not the other way round check your PC for a firewall. 

 

Jon

If the issue is just pinging the PC from the ASA or switch then this is most probably being blocked by the windows firewall on the PC, as Jon has already mentioned.  If you are having issues passing traffic through the ASA between the interfaces then there are a couple things that is the issue here.

1. you are connecting the managment interface, which you are using is configured for management only.  This will not allow data traffic to pass through that ASA interface.  Only to the box traffic is allowed.

2. you are missing the command same-security-traffic permit inter-interface

--
Please remember to select a correct answer and rate helpful posts
Review Cisco Networking for a $25 gift card