ASA Context Problem

Guys I need help... I was doing IE Security Lab 4 and I got stuck in section 1.6. I setup the ASA according to 1.6 but I cannot seems to ping from Context customerB to CutomerA context and from CustomerA context I cannot ping CustomerB inside network. Could you point me out what am I missing over here. I posted icmp debugs from CustomerA context and pings from CustomerB context. I am going nuts over this .. please help.

ASA2# sh run
: Saved
:
ASA Version 7.2(1) <system>
!
hostname ASA2
enable password 8Ry2YjIyt7RRXU24 encrypted
no mac-address auto
!
interface GigabitEthernet0/0
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
 shutdown
!
interface Management0/0
 shutdown
!
class default
  limit-resource All 0
  limit-resource ASDM 5
  limit-resource SSH 5
  limit-resource Telnet 5
!

ftp mode passive
pager lines 24
no failover
no asdm history enable
arp timeout 14400
console timeout 0

admin-context admin
context admin
  config-url disk0:/admin.cfg
!

context CustomerA
  allocate-interface GigabitEthernet0/0
  allocate-interface GigabitEthernet0/1
  config-url disk0:/CustomerA.cfg
!

context CustomerB
  allocate-interface GigabitEthernet0/0
  allocate-interface GigabitEthernet0/2
  config-url disk0:/CustomerB.cfg
!

prompt hostname context
Cryptochecksum:a51d9bac00542bc0e3fc73e4faa868f3
: end

 


context CustomerA

ASA2/CustomerA(config)# sh run
: Saved
:
ASA Version 7.2(1) <context>
!
hostname CustomerA
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address 163.1.132.113 255.255.255.0
!
interface GigabitEthernet0/1
 nameif inside
 security-level 100
 ip address 163.1.136.13 255.255.255.0
!
passwd 2KFQnbNIdI.2KYOU encrypted
access-list OUTSIDE_IN extended permit icmp any any
pager lines 24
logging enable
logging console debugging
mtu outside 1500
mtu inside 1500
no asdm history enable
arp timeout 14400
static (inside,outside) 150.1.6.0 150.1.6.0 netmask 255.255.255.0
static (inside,outside) 54.1.1.0 54.1.1.0 netmask 255.255.255.0
static (inside,outside) 163.1.136.0 163.1.136.0 netmask 255.255.255.0
access-group OUTSIDE_IN in interface outside
route outside 0.0.0.0 0.0.0.0 163.1.132.2 1
route outside 204.12.1.0 255.255.255.0 163.1.132.213 1
route inside 150.1.6.0 255.255.255.0 163.1.136.6 1
route inside 54.1.1.0 255.255.255.0 163.1.136.6 1

 

context CustomerB

ASA2/CustomerB# sh run
: Saved
:
ASA Version 7.2(1) <context>
!
hostname CustomerB
enable password 8Ry2YjIyt7RRXU24 encrypted
names
!
interface GigabitEthernet0/0
 nameif outside
 security-level 0
 ip address 163.1.132.213 255.255.255.0
!
interface GigabitEthernet0/2
 nameif inside
 security-level 100
 ip address 204.12.1.13 255.255.255.0
!
passwd 2KFQnbNIdI.2KYOU encrypted
access-list OUTSIDE_IN extended permit icmp any any
pager lines 24
mtu outside 1500
mtu inside 1500
no asdm history enable
arp timeout 14400
static (inside,outside) 204.12.1.0 204.12.1.0 netmask 255.255.255.0
access-group OUTSIDE_IN in interface outside
route outside 0.0.0.0 0.0.0.0 163.1.132.2 1
route outside 163.1.136.0 255.255.255.0 163.1.132.113 1
route outside 150.1.6.0 255.255.255.0 163.1.132.113 1
route outside 54.1.1.0 255.255.255.0 163.1.132.113 1

 

ASA2/CustomerA(config)# ping 204.12.1.254
                                         ICMP echo request from 163.1.132.113 to 204.12.1.254 ID=4388 seq=6552 len=72
Sending 5, 100-byte ICMP Echos to 204.12.1.254, timeout is 2 seconds:
%ASA-7-609001: Built local-host NP Identity Ifc:163.1.132.113
%ASA-7-609001: Built local-host outside:204.12.1.254
%ASA-6-302020: Built ICMP connection for faddr 204.12.1.254/0 gaddr 163.1.132.113/4388 laddr 163.1.132.113/4388
?ICMP echo request from 163.1.132.113 to 204.12.1.254 ID=4388 seq=6552 len=72
?ICMP echo request from 163.1.132.113 to 204.12.1.254 ID=4388 seq=6552 len=72
?ICMP echo request from 163.1.132.113 to 204.12.1.254 ID=4388 seq=6552 len=72
?ICMP echo request from 163.1.132.113 to 204.12.1.254 ID=4388 seq=6552 len=72
?
Success rate is 0 percent (0/5)
ASA2/CustomerA(config)# %ASA-5-111008: User 'enable_15' executed the 'ping 204.12.1.254' command.
%ASA-6-302021: Teardown ICMP connection for faddr 204.12.1.254/0 gaddr 163.1.132.113/4388 laddr 163.1.132.113/4388
%ASA-7-609002: Teardown local-host NP Identity Ifc:163.1.132.113 duration 0:00:10
%ASA-7-609002: Teardown local-host outside:204.12.1.254 duration 0:00:10

ASA2/CustomerB# ping 163.1.136.6
Sending 5, 100-byte ICMP Echos to 163.1.136.6, timeout is 2 seconds:
?????
Success rate is 0 percent (0/5)

Sign In or Register to comment.