How can I configure the traffic between 2 networks in an ASA5520 firewall?

dnievesr01
Level 1

Hi everyone!

I have a firewall ASA 5520. At this time I have 3 networks connected (192.168.1.0 INSIDE, 192.168.2.0 INSIDE2, 10.0.1.0 OUTSIDE). I followed the article http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080b7c91b.shtml to configure my firewall, but the ASA does not permit traffic (ip, udp, icmp, etc.) between the networks.

The configuration that I have is:

ASA Version 8.2(1)
!
hostname Firewall
domain-name xxxxxx.com
enable password yO4Ejs1n.tA6HaQV encrypted
passwd yO4Ejs1n.tA6HaQV encrypted
names
!
interface GigabitEthernet0/0
description Interfaz switch segmento#1
nameif INSIDE
security-level 0
ip address 192.168.1.97 255.255.255.0
!
interface GigabitEthernet0/1
description Interfaz Router 2901
nameif OUTSIDE
security-level 0
ip address 10.0.1.2 255.255.255.0
!
interface GigabitEthernet0/2
description Interfaz DMZ hacia SG500
shutdown
nameif DMZ
security-level 100
no ip address
!
interface GigabitEthernet0/3
description Interfaz switch segmento#2
nameif INSIDE2
security-level 100
ip address 192.168.2.97 255.255.255.0
!
interface Management0/0
nameif Managment
security-level 100
no ip address
!
ftp mode passive
clock timezone PST -4 30
dns server-group DefaultDNS
domain-name xxxxxx.com
object-group network LISTA_OBJETOS
network-object 0.0.0.0 0.0.0.0
pager lines 24
logging asdm informational
mtu INSIDE 1500
mtu OUTSIDE 1500
mtu DMZ 1500
mtu INSIDE2 1500
mtu Managment 1500
no failover
icmp unreachable rate-limit 1 burst-size 1
no asdm history enable
arp timeout 14400
nat (INSIDE) 1 0.0.0.0 10.0.1.0 outside
route OUTSIDE 0.0.0.0 0.0.0.0 10.0.1.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 Managment
http 192.168.1.0 255.255.255.0 INSIDE
no snmp-server location
no snmp-server contact
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0
management-access Managment
threat-detection basic-threat
threat-detection statistics port
threat-detection statistics protocol
threat-detection statistics access-list
threat-detection statistics tcp-intercept rate-interval 30 burst-rate 400 average-rate 200
ntp authenticate
ntp trusted-key 1
ntp server 192.168.1.53
webvpn
username xxxxxxxxx password CdAMETwKsUa5iUqQ encrypted
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
  message-length maximum 512
  message-length maximum client auto
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:5545c38ac7ca264e2a38caf72b5acb4e
: end

Accepted Solution

cadet alain
VIP Alumni

Hi,

Can you do this:

policy-map global_policy
class inspection_default
inspect icmp
same-security-traffic permit inter-interface
no nat (INSIDE) 1 0.0.0.0 10.0.1.0 outside
nat (INSIDE) 1 0 0
nat (INSIDE2) 1 0 0
global(OUTSIDE) 1 interface
global(INSIDE2) 1 interface
interface GigabitEthernet0/0
security-level 100

You should be able to communicate from inside and inside2 to outside and from inside to inside2.

Regards

Alain

Don't forget to rate helpful posts.

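The accepted answer above raises INSIDE from security-level 0 to 100 and enables same-security-traffic permit inter-interface. The following Python script, added here and not from the thread or from Cisco, parses a constructed excerpt of the question's config and applies only the ASA's default security-level rule (higher to lower permitted, equal levels only with the same-security permit, lower to higher needs an access-list) to show which interface pairs the original config silently drops and which the fix opens. NAT, access-lists and the inspect icmp change are not modelled.

```python
# Constructed excerpt of the ASA 8.2 config from the question (not the full file).
ORIGINAL_CFG = """
interface GigabitEthernet0/0
 nameif INSIDE
 security-level 0
 ip address 192.168.1.97 255.255.255.0
!
interface GigabitEthernet0/1
 nameif OUTSIDE
 security-level 0
!
interface GigabitEthernet0/3
 nameif INSIDE2
 security-level 100
!
"""

# Same excerpt with the accepted answer's two policy changes applied.
FIXED_CFG = ORIGINAL_CFG.replace(
    " nameif INSIDE\n security-level 0", " nameif INSIDE\n security-level 100"
) + "same-security-traffic permit inter-interface\n"


def parse_levels(cfg):
    """Return ({nameif: security-level}, same_security_inter_interface_enabled)."""
    levels, name, same_sec = {}, None, False
    for raw in cfg.splitlines():
        line = raw.strip()
        if line.startswith("nameif "):
            name = line.split()[1]
        elif line.startswith("security-level ") and name:
            levels[name] = int(line.split()[1])
        elif line == "same-security-traffic permit inter-interface":
            same_sec = True
    return levels, same_sec


def default_allows(cfg, src, dst):
    """Does the ASA's default security-level rule let a new connection that
    enters on interface src leave on interface dst?  (No ACLs or NAT modelled.)"""
    levels, same_sec = parse_levels(cfg)
    if levels[src] > levels[dst]:
        return True          # higher -> lower is permitted by default
    if levels[src] == levels[dst]:
        return same_sec      # equal levels need the explicit same-security permit
    return False             # lower -> higher needs an access-list


def blocked_pairs(cfg):
    """List every (src, dst) interface pair the default rule would drop."""
    levels, _ = parse_levels(cfg)
    return sorted((s, d) for s in levels for d in levels
                  if s != d and not default_allows(cfg, s, d))
```

Running blocked_pairs(ORIGINAL_CFG) shows that INSIDE cannot reach either OUTSIDE or INSIDE2, which matches the symptom in the question; with FIXED_CFG only the expected OUTSIDE-to-inside directions remain blocked.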