Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
777
Views
0
Helpful
4
Replies

routing between 2 subnets

Yea9632
Level 1
Level 1

‎07-21-2015 09:03 AM - edited ‎03-08-2019 01:03 AM

it's maybe a "stupid" question but i'm just confused 

a friend of me trying to configure a VPN tunnel, by making a "random" topology which i didn't understand ( or maybe i'm not used to see it so often because it's just random)

 

the topology looks like this :

PC1 ==== Switch 1 ==== ASA 1/================/ASA 2====Switch2====PC2

192.168.1.0/24============/     10.10.10.0/24        /===========192.168.2.0/24

as you can see we have 3 networks here, each ASA is connected to 2 different networks, and we can do a ping from PC1 to ASA2 outside interface without configuring static/dyn. routing  

why i can ping ? simply because we have a server with 2 nic's, it allows traffic to pass ?

and we can't ping from PC1 to the inside interface of ASA2 ( following the same rule, normally it should ?! )

i'm not used to see such topology, this is not the problem, my problem now, how can i understand this ?

PS: i'm used to see big architectures and topology, and i know where/ when should i use routing and where's not necessary, but small things sometimes make me feel ridiculous

any help ? 

Labels:
0 Helpful
4 Replies 4

Chandra Gurung
Level 1
Level 1

‎07-21-2015 09:10 AM

I might be wrong but doesn't by default interfaces of the ASA kill the ping traffic, if the network is setup correctly you might be able to ping PC2 or Switch2 but not ASA2 inside interface from PC1.

 

 

0 Helpful

Yea9632
Level 1
Level 1
In response to Chandra Gurung

‎07-21-2015 09:15 AM

So you mean , with 2 nic's, even we have different networks, no need to use a router, the traffic should pass ? i mean we can reach PC2 from PC1 ?

0 Helpful

Chandra Gurung
Level 1
Level 1
In response to Yea9632

‎07-21-2015 09:24 AM

I think the main point is security-level. but as far as I am aware you do need routes configured.. be it static or dynamic for two subnets to talk to each other.

 

0 Helpful

Yea9632
Level 1
Level 1
In response to Chandra Gurung

‎07-22-2015 03:42 AM

that was my thought, but he didn't configured any routes there (static or dynamic )... asked myself : how he can do a ping between PC1 and the inside interface of the ASA 2

ASA isn't configured yet, so my question is just about how the routing works here , if ASA in some sort works like a router ( in term of isolating subnets ) , so absolutely we need to configure routes ..

0 Helpful
Customers Also Viewed These Support Documents