Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
I have a Cisco with two LIVE interfaces. They aren't failover controlled. I can ping one of the interface from the outside, but not the other. Packet capture shows the incoming echo, but no reply on the interface not working. TCP/UDP traffic works fi...
Hello all,
I have these two nets connected over the public internet with ASA 5510s.
192.168.0.0 < -- ASA1 ---> Internet <--- ASA2 --> 192.168.5.0
Each net does either a simple dynamic or static nat for outbound access over it's local ASA....
Makes sense. Static 1 to 1 NAT for the entire secondary WAN to another server isn't an option for me. I have about 10 nats to various servers already configured for it. I can't NAT icmp directly. Do I have no option here?
Got it:1) add it to the crypto ACL as specific host to specific public host2) add phase 2 single specific host to same specifib public host3) on the other side, create a matching reverse ACL4) on the other side, set same-security-interinterface (was ...
