11-07-2008 07:00 AM - edited 03-06-2019 02:22 AM
We are trying to get an ASA5505 to function with an fallback internet connection. Everything is connected correctly and sla rule functions the right way but when it is relayed to the backup connection the i can see that the connection is up but the ASA is dropping the packet to the inside. So we can see with the packettracer that is is going outside but the the answer is being dropped by an access-list of the ASA.
A lay-out is attatched as also a config of the ASA.
11-07-2008 07:09 AM
try global (backup) 1 interface
Francisco
11-07-2008 07:13 AM
interface Vlan2
backup interface Vlan15
nameif outside
security-level 0
ip address xx.xx.xxx.xx xxx.xxx.xxx.xxx
interface Ethernet0/1
switchport access vlan 15
this is part of the config the backup is connected to the ethernet 0/1.
11-07-2008 07:16 AM
try adding the NAT statement above
11-07-2008 07:26 AM
NAT is done by the SB107, we want the ASA only route this connection.
11-07-2008 07:55 AM
can upload the deny logs you are seeing on the ASA. try connecting again and send me the deny logs on ASA. use "show logg asdm | inc [ip address of pc you are connecting from"
Francisco
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide