?
Solved

Calling Network Nerds for Friday Fun!

Posted on 2010-09-15
3
Medium Priority
?
607 Views
Last Modified: 2012-05-10
Hi there!!

So for today, I decided to do something for fun,.. I wanted to establish a Site to Site VPN between 2 ASAs.

Now, this sounds like a routine task for most of you, but here's the catch: My ASAs are running with QEmu and I'm using loopback interfaces to talk to them.

So you're probably thinking to yourself.. "What the hell? What's the purpose of this"? well, let me tell you.. there's no purpose; but if you're like me, you don't need one to network! If you feel like this is a waste of time, then I'm sorry I wasted 2 minutes of your life, I'm sure god will forgive me :)

Enough talk. Here's the scoop (attached image)

I have 2 virtual ASAs running 8.0(2) - each one with two working network interfaces, all attached to a dedicated loopback interface on my machine (one for each ASA interface).


ASA A
inside - 10.1.1.1
outside - 11.1.1.1

ASA B
inside - 20.1.1.1
outside - 21.1.1.1

PC
lo1 - 10.1.1.254
lo2 - 11.1.1.254
lo3 - 20.1.1.254
lo4 - 21.1.1.254


First Challenge:

Access lists on ASAs allow pings to come in to the outside interfaces
From ASA A I can ping ALL loopback interfaces
From ASA B I can ping ALL loopback interfaces
PC can ping ALL IP Addresses

BUT

ASA A cannot ping ASA B and vice versa

Question is; according to the routing table on my PC and the ASAs, why isn't the ping working? Is there something I have to do to enable my Windows XP PC to route these packets from one loopback to another? I know in Windows Server you can have install RAS but how do i achieve this in windows XP?


Before I go crazy with wireshark and start capturing packets on the ASAs I want to see if someone can come up with a solution.

Lastly, I know all of us have full time jobs and don't have much time left to fiddle around but I'd like to execute this exercise for fun. If you have few minutes to offer suggestions, feel free. I'll award points to those who offer the best solutions as the exercise matures!


Have Fun!



FridayNightFun.PNG
0
Comment
Question by:ddiazp
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 6

Accepted Solution

by:
kuoh earned 2000 total points
ID: 33688920
Try making the following change in the PC registry and reboot.

HKEY_LOCAL_MACHINE \SYSTEM\CurrentControlSet\Services\Tcpip \Parameters
"IPEnableRouter" = "1"
0
 
LVL 10

Author Comment

by:ddiazp
ID: 33707536
That worked and allowed mento
Finish up this little lab. Thanks :)
0
 
LVL 10

Author Closing Comment

by:ddiazp
ID: 33707541
Excellent,
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question