Inter-vlan Routing

mudasir05 · ‎10-14-2014

Hello All,

As per the attached topology,I have inter-vlan routing running in all the devices.

The problem is iam unable to ping the inside interface of the ASA from the 2960 switch as well from the L3 switch and vice versa.

Iam able to ping from the router to the ASA but not to the internal network.

Any help would be appreciated.

Thanks

InayathUlla Sharieff · ‎10-14-2014

Do you have a route to that network?

Did you check the ACL on ASA firewall as by default everything is blocked coming in.

Regard

Inayath

mudasir05 · ‎10-14-2014

Thanks Inayath for the reply...

I checked in L3 switch and in 2960,the route for network 192.168.1.0 is present.

The ASA inside network is having ip 192.168.1.1/24 which is connected to the internal router via gig0/1(192.168.1.2/24).

Also the ACLs on the firewall permit inside traffic.

Thanks

InayathUlla Sharieff · ‎10-14-2014

how about the return traffic?

can you attach the .pkt tracer file?

rizwanr74 · ‎10-14-2014

Hi Mudasir,

The reason you cannot ping ASA inside interface, for either two reasons.

1) Router that connecting to your ASA does not have static route to subnets you are hosting on 2960 and 3750 switches.

2) Or ASA itself does not have route to those subnets you are hosting on the 2960 and 3750 switches.

Therefore please make sure, your router and ASA have static routes are in placed for return traffic to traverse to next-hop peer address.

Thanks

Rizwan Rafeek.