ASA 5516-X - Routing Inside to another Interface

mfdarvesh · ‎02-10-2022

Network diagram is above, Firewall is configured to give internet access to few clients and site to site VPN to few outside entities. My organization recently acquired a web application and they give IP: 192.168.200.98 and Gateway: 192.168.200.97 and web url 10.10.10.25. Now I configured these IPs on laptop and application is working in Google Chrome. I want that Inside network client e.g. 192.168.25.x should be able to access this AQ Network. Assigned these IPs to a Firewall Port, what configuration is required to route traffic 10.10.10.25 to 192.168.100.97 ??

Kasun Bandara · ‎02-10-2022

Hi,

first i cannot see 10.10.10.25 ip range in your diagram.

normally firewall will do routing for directly connected networks if you have added relevant firewall policies. if network not directly connected , you can add static/dynamic routing to get network visibility to firewall.

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB

johnlloyd_13 · ‎02-10-2022

hi,

configure AQ nameif with the same security level with inside (usually it's 100).

then configure same-security-traffic permit inter-interface.

MHM Cisco World · ‎02-11-2022

follow

paul driver · ‎02-11-2022

Hello

@mfdarvesh wrote:

. I want that Inside network client e.g. 192.168.25.x should be able to access this AQ Network. Assigned these IPs to a Firewall Port, what configuration is required to route traffic 10.10.10.25 to 192.168.100.97 ??

As long as the interfaces are of the same security level then as stated - same-security-traffic permit inter-interface should be applicable to allow communication

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul