Please try following

Ivan Adji - Krstev · ‎12-14-2016

Hi all,

As i know this never been an issue. You configure the interface with IP Address and that is it. Plus enable traffic between subnet etc. I have now ASA 5506 and i have configured interfaces with IP Address and have security group by default 100 and traffic is allowed. But there is no routing, no traffic between the subnets. Do i missing something or ?

cofee · ‎12-14-2016

hello Ivan,

can you provide "show route" output from the firewall ? If not please make sure that routes are being installed in the routing table. Also did you try connectivity from external devices through the firewall? And what's the traffic flow, please share the security levels of firewall interfaces.

Ivan Adji - Krstev · ‎12-16-2016

Yes i have access and i have allowed everything just for the test, but still no access. From the ASA i can ping what ever subnet i want, but from the PC on the subnets i can't

ASA# sh route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
Gateway of last resort is x.x.x.x to network 0.0.0.0

S* 0.0.0.0 0.0.0.0 [1/0] via x.x.x.x, outside
C x.x.x.x 255.255.255.252 is directly connected, outside
L x.x.x.x 255.255.255.255 is directly connected, outside
C 172.16.23.0 255.255.255.0 is directly connected, inside
L 172.16.23.1 255.255.255.255 is directly connected, inside
C 172.16.24.0 255.255.255.0 is directly connected, WiFiOffice
L 172.16.24.1 255.255.255.255 is directly connected, WiFiOffice

cofee · ‎12-16-2016

Please try following troubleshooting steps:

a) ASA packet tracer utility from WiFioffice to inside or vice versa. This will show if traffic will be dropped for any reason.

b) When you initiate traffic from an external device, did you look at the asa logs? are you seeing any hit counters on Access control entries when you initiate traffic? I am trying to find out if traffic is even making it to the firewall and if it is what does the firewall do with it.

Richard Burts · ‎12-17-2016

I agree with Paul that it would help if we saw some details from the configuration. In particular I am wondering what is the security level of the various interfaces. And if wireless and inside are same security level whether the config allows for same security level inter interface. It would also be helpful to see how it is configured to allow traffic between subnets.

HTH

Rick

HTH

Rick

Ivan Adji - Krstev · ‎12-21-2016

Hi all,

Sorry for this delay, too much work and other priority. I have contact the cisco support and we have fix this issue. The problem was the Router on the other end that i have used it and the DHCP on the same interface. I have get this solution from Cisco Support guy Koustav which he explain to me a lot. He was excellent.

Once again sorry for the delay and thank you for the support.

Richard Burts · ‎12-22-2016

Thank you for posting back to the forum to let us know that Cisco support has helped you and that you have identified the problem and fixed it. It is good to know when problems reported to the forum have been solved.

HTH

Rick

HTH

Rick

paul driver · ‎12-14-2016

Hello

Can you provide the running configure of your ASA

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Routing between interfaces ASA 5506

Yes i have access and i have allowed everything just for the test, but still no access. From the ASA i can ping what ever subnet i want, but from the PC on the subnets i can't

ASA# sh route