Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3554
Views
0
Helpful
5
Replies

Route to the same interface on Cisco ASA 5510

susleman
Cisco Employee
Cisco Employee

‎09-15-2011 12:56 AM - edited ‎03-11-2019 02:25 PM

Hi,

I would like to route traffic that are coming in and going out to the same interface on ASA. I am using inside interface with security-level 100.  In this URL, http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a0080734db7.shtml, ASA is able to do that.

Any one can help to explain ? I have configured the same as in the URL.

thanks in advance.

regards

-santo-

Labels:
0 Helpful
5 Replies 5

varrao
Level 10
Level 10

‎09-15-2011 01:07 AM

Hi Susanto,

The document that you have is for u-turning or hairpin traffic on ASA interface, Can you tell me if you are facing any confusion on the document?? It is for the scenario in which lets assume that on your internal lan if all the machines wants to access eachother and default gateway for those machines is the firewall, so when the request comes to the ASA, it would u-turn the traffic and route it to the internal destination machine.

Let me know what you are trying to configure so that I can help you better.

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

susleman
Cisco Employee
Cisco Employee
In response to varrao

‎09-15-2011 01:28 AM

Hi Varun,

Basically the setup is pretty much the same as in the url but somehow I dont sure why I cant ping to the destination. Routing in the PC and ASA are correct. All PC point to .2 as default gateway. Static route inside for 172.16.255.0/24 to .250.

here is my topology                                                            172.16.255.0/24

                                                                                        ----------------------

                                                                                                  |  .1

                                                                                                  |

                                            Cisco ASA                                 ROUTER

                                                   | .1                                          | .250

                                                   |                                              |

                                                   |    192.168.2.0/24                     |

                                                 -------------------------------------------------|

                                                                        |

                                                                        |

                                                                        |

                                                                    Users

All the users's gateway is pointing to Cisco ASA ( 192.168.2.1 ). and my users are not able to ping 172.16.255.1, is this expected behavior ? But if my understanding is correct, according to the URL, my setup should be able to ping 172.16.255.1

many thanks

-santo-

0 Helpful

varrao
Level 10
Level 10
In response to susleman

‎09-15-2011 01:42 AM

Are you able to ping with this command:

ping inside 172.16.255.1

Varun

Thanks,
Varun Rao
0 Helpful

susleman
Cisco Employee
Cisco Employee
In response to varrao

‎09-15-2011 01:47 AM

Hi Varun,

Yes, I can ping from ASA to  that IP address.

regards

-santo-

0 Helpful

varrao
Level 10
Level 10
In response to susleman

‎09-15-2011 05:32 AM

Hi Susanto,

Is the 172.16.255.1 the ip add of remote interface of the router, if it is, then i am afraid it should nolt ping as per design feature. Are you able to ping the machines in 172.16.255.0 subnet, because if yes, then it is working fine and you just wont be bale to ping 172.16.255.1 ip.

-Varun

Thanks,
Varun Rao
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card