01-26-2009 01:30 PM - edited 03-11-2019 07:42 AM
hi,
I am not able to ping the management interface of the ASA from one of the VLANs on the inside. The reason is that the route back to my PC takes a different path due to a route definition in the routing table of the ASA. This route enables internet access. However, when I remove the route and add another route to my PC via a different hop (the management VLAN's gateway), the ping goes through. But then internet access fails due to the lack of the related route.
In the absence of policy-based routing, how can I achieve both kinds of connectivity?
Thanks.
02-17-2009 08:44 AM
Thanks for returning on this.
There is only one static NAT entry:
static (inside,outside) 5.0.0.99 2.0.0.99 netmask 255.255.255.255
The IP address I am coming from on the inside is 2.0.0.99.
The relevant sh xlate is:
Global 2.0.0.99 Local 2.0.0.99
(Please excuse me for not posting the complete 'sh xlate' output.)
So it is not getting NAT'ed to 5.0.0.99.
02-17-2009 02:13 PM
Do you have any other NAT statements, i.e. not just static entries, on the inside? The key thing is: do you have any NAT exemption rules on the inside interface?
It could be that a NAT rule is being used before your static entry.
The other thing is, have you tried clearing that specific xlate entry?
clear xlate 2.0.0.99 (syntax may need changing for FWSM)
Jon
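The check discussed in this thread, comparing each host static entry against the active translation for the same inside address, can be scripted. The following is an added example, not code from any poster or from Cisco; it assumes host statics in the `static (inside,outside) global local netmask 255.255.255.255` form and xlate lines in the `Global X Local Y` form quoted above, and the sample input is constructed from those quoted lines.

```python
import re

# Constructed sample input modelled on the lines quoted in the thread.
SAMPLE_CONFIG = "static (inside,outside) 5.0.0.99 2.0.0.99 netmask 255.255.255.255\n"
SAMPLE_XLATE = "Global 2.0.0.99 Local 2.0.0.99\n"

IP = r"(\d+\.\d+\.\d+\.\d+)"
# static (real_if,mapped_if) <global ip> <local ip> netmask 255.255.255.255
STATIC_RE = re.compile(
    r"^static \((\S+),(\S+)\) " + IP + " " + IP + r" netmask 255\.255\.255\.255$")
XLATE_RE = re.compile(r"^Global " + IP + " Local " + IP)


def parse_statics(config):
    """Map local (real) host IP -> global IP from host static entries."""
    statics = {}
    for line in config.splitlines():
        m = STATIC_RE.match(line.strip())
        if m:
            _real_if, _mapped_if, global_ip, local_ip = m.groups()
            statics[local_ip] = global_ip
    return statics


def parse_xlates(xlate_output):
    """Return (global, local) pairs from 'Global X Local Y' lines."""
    pairs = []
    for line in xlate_output.splitlines():
        m = XLATE_RE.match(line.strip())
        if m:
            pairs.append(m.groups())
    return pairs


def audit(config, xlate_output):
    """Flag hosts whose active xlate disagrees with their static entry."""
    statics = parse_statics(config)
    findings = []
    for global_ip, local_ip in parse_xlates(xlate_output):
        expected = statics.get(local_ip)
        if expected is None or expected == global_ip:
            continue  # no static for this host, or the static is in effect
        kind = "identity" if global_ip == local_ip else "other"
        findings.append((local_ip, expected, global_ip, kind))
    return findings


if __name__ == "__main__":
    for local_ip, expected, actual, kind in audit(SAMPLE_CONFIG, SAMPLE_XLATE):
        print(f"{local_ip}: static expects {expected}, xlate shows {actual} ({kind})")
```

A finding means the static is configured but not the translation in use for that host, which is the cue to review the other NAT statements on the inside interface and clear the stale xlate.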