Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi All,I am observing a issue where am not able to ping couple of devices across the FWSMThe configuration permits ICMP from the source subnet (172.16.10.X/24) to the destination subnet (10.10.10.X/24)But we are not able to ping host 10.10.10.12 from...
Hi All, I have two ASA's configured on Active/ Standby failover mode. I am observing frequent failover (once or twice in a day) of ASA post IPS installation. The below logs were captured when the issue was observed %ASA-1-104001: (Secondary) Switchin...
Hi Jennifer,Here are some logs for refernece. From 172.16.10.10 we are able to ping 10.10.10.13 and same is not possible with 10.10.10.12. ICMP Traffic coming from 172.16.10.10 on VLAN 120 is able to pass it to VLAN 10. Where as 10.10.10.13 it is abl...
Hi Jennifer,I enabled packet capture on both inbound and outbound interfaces. I saw icmp packet entering the inbound interface but cant see the icmp packet exiting the outbound interface on the FWSM. Please advice. Thanks!
Hi Jennifer,We thought the same way and informed the team managing the server to check on it. But they insist that nothing has been blocked. Also routes are proper on the end host. We are able to reach this machine from other subnets across the same ...
Hi Jennifer,The traffic flow is from lower Security Zone to Higher Security ZoneTraffic has been permitted in the ACL applied to the lower Security interfaceICMP inspection is not enabledNAT has been disabled.We are able to ping other machines in the...
