09-02-2008 07:29 AM - edited 03-09-2019 09:23 PM
Hi,
I get the critical alert.
Deny IP spoof from (192.168.97.16) to virtual_plc on interface outside
Which I understand because both addresses are on the same subnet, yet on different interfaces.
However I would like them to communicate, how do I do that please?
I have attached a drawing of the network.
We VPN into our customer's site, where the VPN server gives us the 192.168.97.x address.
The customer's network is 151.133.100.x where our router is at 151.133.100.80.
We static NAT 151.133.100.81 and 151.133.100.81 thru to 192.168.100.180 and 192.168.100.184 respectively.
Our router is an ASA5505
Thanks in advance.
John
Solved! Go to Solution.
09-03-2008 08:11 AM
Ah ha, you have no default route defined.
route outside 0.0.0.0 0.0.0.0 x.x.x.x
x.x.x.x = inside ip of the other ASA that you are vpn'ing into.
09-02-2008 09:43 AM
Which firewall in the diagram are you vpn'ing to?
09-02-2008 10:17 AM
The first one - NOT the ASA5505 on the slicer
09-02-2008 10:42 AM
What is the subnet mask of the slicer inside network? You could try to disable it with
no ip verify reverse-path interface outside
09-02-2008 11:08 AM
The Inside subnet mask is 255.255.255.0
I will try this when I get to work tomorrow.
Thanks
09-03-2008 07:47 AM
I added the - no ip verify reverse-path interface outside
Now though, I get the error
Failed to locate egress interface for TCP from outside:192.168.97.x
How do I get back from the slicer network to the VPN's?
09-03-2008 07:56 AM
Could you post the config from your ASA?
09-03-2008 08:01 AM
09-03-2008 08:11 AM
Ah ha, you have no default route defined.
route outside 0.0.0.0 0.0.0.0 x.x.x.x
x.x.x.x = inside ip of the other ASA that you are vpn'ing into.
09-03-2008 08:50 AM
Thank you for your help, I am now back at home - I shall try that first thing in the morning.
John.
09-04-2008 05:35 AM
09-04-2008 07:06 AM
could it be multicast-routing, it was not enabled yesterday?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide