Cisco PIX/ASA are not routers. For example, you cannot ping from the inside network to the outside interface, or any other simular type of test.
> -----Original Message----- > From: cisco-nsp-boun...@puck.nether.net > [mailto:cisco-nsp-boun...@puck.nether.net] On Behalf Of Tom > Sutherland > Sent: Friday, February 25, 2011 4:01 PM > To: Michael Loether > Cc: cisco-nsp@puck.nether.net > Subject: Re: [c-nsp] ASA 5505 doesn't like itself > > as a test, you might try: > > icmp permit any inside > icmp permit any outside > > from cisco command reference: > > "To configure access rules for ICMP traffic that terminates at a > adaptive security appliance interface, use the icmp command." > > > On Thu, 2011-02-17 at 16:53 -0500, Michael Loether wrote: > > > I have a ASA 5505 I am setting up at a small branch office. Working > > towards a site to site VPN but > first I need to get it to talk to itself. Traffic is not passing from inside > to outside. > > > > interface Vlan1 > > nameif inside > > security-level 100 > > ip address 172.19.1.1 255.255.255.0 > > ! > > interface Vlan2 > > nameif outside > > security-level 0 > > ip address 64.183.175.22 255.255.255.252 > > ! > > interface Ethernet0/0 > > switchport access vlan 2 > > ! > > interface Ethernet0/1 > > ! > > nat (inside,outside) after-auto source dynamic any interface > > > > DHCPd is running on VL 1 and it is handing out IPs as expected. > > > > ping inside 64.183.175.21 > > Type escape sequence to abort. > > Sending 5, 100-byte ICMP Echos to 64.183.175.21, timeout is 2 seconds: > > ????? > > Success rate is 0 percent (0/5) > > > > ACLs are any any ip on both inside and outside. > > > > Any suggestion would be appreciated. > > > > Mike > > > > > > _______________________________________________ > > cisco-nsp mailing list cisco-nsp@puck.nether.net > > https://puck.nether.net/mailman/listinfo/cisco-nsp > > archive at http://puck.nether.net/pipermail/cisco-nsp/ _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/