ASA 5510 DMZ to INSIDE problems - Urgent!
Posted on 2007-04-09
Inside - 10.1.2.0/24
Security level 100
DMZ - 172.16.1.0/24
Security level 60
I am trying to simply allow traffic from the INSIDE network to the DMZ network. From the ASA I can ping both connected networks (DMZ and INSIDE), but I can't ping from the DMZ to the INSIDE or vice versa. I will eventually put ACLs to restrict traffic, but I am avoiding that for now for testing purposes.
portmap translation creation failed for tcp src inside:10.1.2.245/2130 dst DMZ:172.16.1.2/80
Built ICMP connection for faddr 10.1.2.245/1280 gaddr 172.16.1.1/0 laddr 172.16.1.1/0
Teardown ICMP connection for faddr 10.1.2.245/1280 gaddr 172.16.1.1/0 laddr 172.16.1.1/0
10.1.2.245 is the client I am testing the connection from (on the INSIDE)
172.16.1.1 is the IP of the DMZ interface on the ASA
172.16.1.2 is one of the clients on the DMZ network
Do I have to set up NAT to go from DMZ to INSIDE?
Don't assume I know the obvious because I don't :)
I don't usually try to be demanding when posting questions, but this is very urgent. Please help ASAP.
Your help is greatly appreciated.