7800N routing Issue
Posted: Tue Nov 04, 2014 9:58 pm
Hi,
I seem to have a bit of an issue with routing. I've tried a lot, but obviously not enough; I'm hoping you could shed some light on the issue please.
Description to start off with:
My setup is:
Billion 7800N connected to ADSL out to Ser Prov.
Connected into port 1 I have a trunk port going down to a Cisco ASA trunking 3 VLANs.
Connected to the ASA is my laptop.
My issue is that I can't seem to get traffic to route back through to my ASA from my 7800 (at least that's what I think the issue is).
Access-lists and such on the ASA are fine, at least when I run captures I can see traffic exiting my ASA and heading up to the 7800.
On the 7800, if I look under the firewall logs, I can see DNS traffic exiting the device but nothing coming back in... however...
If I connect my laptop straight into the 7800, everything works fine... also if I ping (TCP or otherwise) from the ASA I can get out onto the internet fine.
Please see screenshot attached from the 7800 firewall log.
It seems to me like possibly the DNS traffic is coming back, but because the 7800 doesn't have an ARP entry for my laptop (as it's behind the ASA) it doesn't know where to send it, which is odd because I've entered the static routes in the routing table to point to my ASA using the Lan/Br0 interface for the route back.
I've also added the relevant ASA interface as a DMZ and added some virtual server rules in (I'd not have thought this necessary, though, as it should be stateful).
As you can see from the attachment, my laptop plugged into the 7800 is on 172.16.15.4 (working fine) and the laptop not getting a response is on 172.16.10.2.
IP addresses 208.67.222.222, 8.8.8.8 & 8.8.4.4 are DNS servers.
I've tried it using all the same DNS servers too, same result.
I've also attached a VLAN table screenshot and a routing table screenshot.
Any ideas?