Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

ASA to MX Issues

EHUG138
Just browsing
a week ago
a week ago

ASA to MX Issues

Hello, 

Moving from a ASA to MX device, I am having a few issues. Primary issue is that I can not connect to devices on VLAN6. 

We have VLAN 1(internal) and VLAN 6(production). I need a server on VLAN 1 to access devices on VLAN 6. 

The firewall rules are: 

Allow Protocol ANY Source ServerIP Dst Port ANY Destination VLAN6 ANY

Deny Protocol ANY Source VLAN 6 Scr Port ANY Destination ANY Dst Port ANY

**there is a static route to have 192.168.0.0 traffic directed to a specific IP (device) on VLAN 6. 

There were also some NAT rules configured on the ASA that have not been added to the MX:

nat (VLAN6) 0 access-list no-nat-VLAN6
nat (VLAN6) 1 0.0.0.0 0.0.0.0

I understand I may be missing something simple here but please share your thoughts. 

Labels:
0 Kudos
Subscribe
2 Replies 2
alemabrahao
Kind of a big deal
Kind of a big deal
a week ago
a week ago

It would be interesting for you to share all the details, such as topology, how the configurations are on the MX side, etc.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Subscribe
Prestont
Conversationalist
a week ago
a week ago

you might try to add a recursive flow on the MX. 

Allow Protocol ANY Source VLAN6 Dst Port ANY Destination ServerIP ANY

and see if it works.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.