jenkinst
asked on
Packet drop, No valid adjacency, ASA 5516x
I have an ASA 5516x. I have 7 interfaces setup. I have not done NAT or PAT other than nat (inside,outside) dynamic interface. Only management and inside have security-level 100. I run packet tracer on the inside interface. I can put any source IP (on inside network) to any destination IP (outside, dmz, ...) and the packets are droped. The error I am getting is "no valid adjacency". I have not set up any routing except default gateway. What do I have to do to setup adjacency?
Thank for your help
Thank for your help
What version of code are you running?
Also, are all interfaces in up/up status?
ASKER
Code is 9.9.2 all interfaces are up/up (no shutdown / linked)
You may be running into this bug:
https://quickview.cloudapp s.cisco.co m/quickvie w/bug/CSCu z72137
You are off by one prior rev. in your code for the main bug but it could be so.
Beyond that, it is going to be either a routing or a NAT issue. Can you share your conf for both of those?
https://quickview.cloudapp
You are off by one prior rev. in your code for the main bug but it could be so.
Beyond that, it is going to be either a routing or a NAT issue. Can you share your conf for both of those?
Your current configuration? Have you configured object network and is subnet/interfaces matching to direction?
NAT configuration should be something like this:
ASA(config)# object network my-inside-net
ASA(config-network-object) # subnet 192.168.25.0 255.255.255.0
ASA(config-network-object) # nat (inside,outside) dynamic interface
Configure routing:
ASA(config)# route inside 172.16.0.0 255.255.252.0 192.168.0.1
Could be useful:
CLI Book 1: Cisco ASA Series General Operations CLI Configuration Guide, 9.9
CLI Book 2: Cisco ASA Series Firewall CLI Configuration Guide, 9.9
CLI Book 3: Cisco ASA Series VPN CLI Configuration Guide, 9.9
NAT configuration should be something like this:
ASA(config)# object network my-inside-net
ASA(config-network-object)
ASA(config-network-object)
Configure routing:
ASA(config)# route inside 172.16.0.0 255.255.252.0 192.168.0.1
Could be useful:
CLI Book 1: Cisco ASA Series General Operations CLI Configuration Guide, 9.9
CLI Book 2: Cisco ASA Series Firewall CLI Configuration Guide, 9.9
CLI Book 3: Cisco ASA Series VPN CLI Configuration Guide, 9.9
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.