06-22-2015 05:18 AM - edited 03-11-2019 11:10 PM
Hi All,
I have an ASA with the default configuration running IOS 8.4(2). I am working in GNS3.
The inside interface IP is 10.1.1.1/24 and the outside interface IP is 1.1.1.1/24.
The IP configured on the server is 10.1.1.2, which is NATed to 1.1.1.20, and the IP of the other server is 10.1.1.3, NATed to 1.1.1.30.
Now when I try to ping the IP 1.1.1.30 from server 10.1.1.2 or from 10.1.1.3, I am unable to ping.
Below is the configuration. Please help me find what is missing in the configuration.
ASA1# show run
: Saved
:
ASA Version 8.4(2)
!
hostname ASA1
names
!
interface GigabitEthernet0
 nameif outside
 security-level 0
 ip address 1.1.1.1 255.255.255.0
!
interface GigabitEthernet2
 no nameif
 no security-level
 no ip address
!
interface GigabitEthernet3
 no nameif
 no security-level
 no ip address
!
interface Redundant1
 member-interface GigabitEthernet2
 member-interface GigabitEthernet3
 nameif inside
 security-level 100
 ip address 10.1.1.1 255.255.255.0
!
ftp mode passive
object network 10.1.1.2
 host 10.1.1.2
object network 10.1.1.3
 host 10.1.1.3
access-list Out-In extended permit icmp host 2.2.2.20 host 10.1.1.2
access-list Out-In extended permit icmp host 2.2.2.20 host 10.1.1.3
access-list Out-In extended permit icmp host 2.2.2.30 host 10.1.1.2
access-list Out-In extended permit icmp host 2.2.2.30 host 10.1.1.3
access-list Out-In extended permit tcp host 2.2.2.20 host 10.1.1.2 eq 3389
object network 10.1.1.2
 nat (inside,outside) static 1.1.1.20
object network 10.1.1.3
 nat (inside,outside) static 1.1.1.30
access-group Out-In in interface outside
route outside 0.0.0.0 0.0.0.0 1.1.1.2 1
class-map inspection_default
 match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect icmp
06-23-2015 04:52 AM
Hi,
This will not be enabled by default, and you would have to create some NAT statements in order to get this working:
object network 10.1.1.2
 nat (inside,inside) static 1.1.1.20
object network 10.1.1.3
 nat (inside,inside) static 1.1.1.30
same-security-traffic permit intra-interface
Thanks and Regards,
Vibhor Amrodia
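The hairpin rules from the reply above, as an added example that is not part of the original thread: it uses separate network objects because an ASA network object holds only one nat statement, so entering a second nat under object 10.1.1.2 would replace its existing (inside,outside) rule. The object names srv2-hairpin and srv3-hairpin are assumptions; the packet-tracer and show commands at the end check the result.

```cisco
! Added example. Object names srv2-hairpin / srv3-hairpin are hypothetical.
! The existing (inside,outside) rules under objects 10.1.1.2 and 10.1.1.3
! stay untouched, so outside hosts still reach 1.1.1.20 and 1.1.1.30.
object network srv2-hairpin
 host 10.1.1.2
 nat (inside,inside) static 1.1.1.20
object network srv3-hairpin
 host 10.1.1.3
 nat (inside,inside) static 1.1.1.30
!
! Allow traffic to enter and leave the same interface (inside -> inside).
same-security-traffic permit intra-interface
!
! Verify: simulate an echo request from 10.1.1.2 to the mapped address
! of 10.1.1.3. Expect an UN-NAT phase rewriting 1.1.1.30 to 10.1.1.3,
! an output interface of inside, and a final result of allow.
packet-tracer input inside icmp 10.1.1.2 8 0 1.1.1.30
!
! Confirm that both the outside and the hairpin rules are installed
! and that the hairpin rules take hits while the ping runs.
show nat detail
show xlate
```

Because both servers have an (inside,inside) static rule, the source is also rewritten (10.1.1.2 becomes 1.1.1.20), so the reply from 10.1.1.3 returns through the ASA instead of going directly across the shared subnet.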