We're moving to a different firewall set and I'm trying to set up a connection from an inside host to a remote server.
The inside host can ping but is getting a "remote host not responding" error when using a browser from the inside of the network.
When I connect a laptop directly into a switchport in the correct VLAN outside the firewall I can connect to the http page of the remote server.
I've done packet traces and spanned the connections from the router and confirmed that ACK packets are being sent back from the remote server to the correct NAT'd address on the FW, but ASDM and logs show that the ACKs are not reaching the FW.
I think the problem is to do with the trunking between the ASA and the switch uplinks but from reading all the blurb it looks ok to me.
I do need the trunking to work as additional sub-ints will be coming on line soon. Can anyone help?
I've included a diagram, the FW config and some diags from both the switch and the ASA.
I've had some experience with PIX and ASA but this is the first time I've used trunking and sub-ints on the ASA - what have I done wrong?

EE-Diag.vsd
Gateway-FW-Config.txt