Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
351
Views
0
Helpful
1
Replies

outboud traffic session in reply are not allowed

ANDREA GELATI
Level 1
Level 1

‎01-14-2008 03:47 AM - edited ‎03-09-2019 07:51 PM

Hi all,

I have a problem with an ASA5505. Let's say I have LAN1 (10.0.0.0/24) and LAN2 (172.16.0.0/24).

Machines in the LAN1 have the ASA(10.0.0.1) as the Default Gateway and a second router(10.0.0.2) connect the LAN1 to the LAN2. On the ASA device I have, of course, a static route to the 10.0.0.2 for the LAN2 network.

When a session beging from LAN1 to LAN2 everything is fine. When a session begin from LAN2 to LAN1 the ASA blocks the traffic in response.. No access-lists are applied on the inside interface and the same-security-traffic permit intra-interface is present (also tried with and without nat-control). Does anybody know how to work out the problem?

Thanks 4 your help.

Labels:
0 Helpful
1 Reply 1

ANDREA GELATI
Level 1
Level 1

‎01-14-2008 05:36 AM

I have to add just a few things.. unluckily I can't add static routes on the machines in LAN1 nor change the Default Gateway. Basically I can only change the configuration on the ASA device.

That's all.

Thanx.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents