Saturday, February 10, 2018

ASA configuration for lab/educational purposes

I have been trying to set up an ASA at the edge of my network but it's not going as planned. I can't seem to get it to PAT/forward traffic. I'm not sure if it's the NAT process or an ACL blocking traffic from flowing between the two interfaces, or none of the above. I have spent hours upon hours looking at the same config to no avail. I went ahead and defaulted back to my 2921 at the edge for the time being.

My topology consists of an ASA 5506-X at the edge, connected to two stacked 3750s via a routed port with a /30 subnet. The 3750s perform inter-VLAN routing (with EIGRP enabled and peered with the ASA) and forward the default route to the ASA via its 172.16.100.1/30 inside interface.

I can ping the ASA's inside interface from the switch stack and from internal clients. I cannot, however, ping the outside interface of the ASA nor any external public address beyond that.

If I remote into the ASA I can ping the switch stack and internal clients, but only if I source the ping from its inside interface. Also, I can ping 8.8.8.8 and the like from the ASA but only from the outside interface.

Any assistance/guidance would be greatly appreciated.

ASA Config: https://pastebin.com/p6ayWyqY

3750 Stack Config: https://pastebin.com/NnZZH9Pv
