Cisco ASA Routing Issues

Hi,

I have a Cisco ASA device which I am using for webvpn.

Anyconnect works OK. Clients connect in and get an IP address of 172.28.15.10-172.28.15.100. When the router tries to ping anything outside of this network i.e. 172.28.1.1 I get the followign error:

6      Mar 28 2012      13:23:35      302021      172.28.15.10      1024      172.28.1.1      0      Teardown ICMP connection for faddr 172.28.15.10/1024 gaddr 172.28.1.1/0 laddr 172.28.1.1/0 (uk000296)

The explaination states: An ICMP session was established in the fast-path when stateful ICMP was enabled using the inspect icmp command.

I have ran route print, and the PC has a route of 172.28.10 to the interface of the VPN connection (172.28.15.10).

I believe my problem maybe my NAT rules. These have been setup as:

nat (Live,Live) source static 172.28.15.0 172.16.0.0
nat (Live,Live) source static 172.16.0.0 172.28.15.0

Any ideas why routing isn't working ?

Thanks,
AnritsuLTDAsked:
Who is Participating?
 
AnritsuLTDConnect With a Mentor Author Commented:
Problem solved

My ASA device obtains it's routing information from another core Cisco device which needed a static ip route placing on it in order for traffic to be replying back to the device.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.