Question : ASA Static routing to Internal Router

Hello, can someone please assist me with this issue.  there must be something i'm missing. From the internal network 192.168.20.32/27 i can ping the internal interface of the ASA and any computers that are connected to it. however, i can't ping from any computers connected to the ASA internal network of 172.16.31.x/27.. from the ASA's ios i can ping the 192.168.10.x
 
ASA Version 8.0(4)
!
hostname ciscoasa
domain-name lionheartga.com
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 192.168.10.1 WIRELESS
name 10.10.1.2 OUTSIDE
name 172.16.31.1 INSIDE
name 192.168.10.32 TO_VG2801
!
interface Vlan1
 nameif inside
 security-level 100
 ip address INSIDE 255.255.255.224
!
interface Vlan2
 nameif outside
 security-level 0
 ip address OUTSIDE 255.255.255.248
!
interface Vlan12
 no forward interface Vlan1
 nameif Wireless
 security-level 49
 ip address WIRELESS 255.255.255.224
!
interface Ethernet0/0
 switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
 switchport access vlan 12
!
interface Ethernet0/5
 switchport access vlan 12
!
interface Ethernet0/6
 switchport access vlan 12
!
interface Ethernet0/7
<--- More --->
             
 switchport access vlan 12
!
ftp mode passive
dns domain-lookup inside
dns domain-lookup outside
dns domain-lookup Wireless
dns server-group DefaultDNS
 name-server 4.2.2.2
 domain-name lionheartga.com
same-security-traffic permit intra-interface
object-group service TERMINAL-SERVICE tcp
 port-object eq 3389
object-group service HTTP-HTTPS tcp
 port-object eq www
 port-object eq https
object-group service SSL_WEB tcp
 port-object eq https
access-list OUTSIDE_IN extended permit tcp any 10.10.1.0 255.255.255.248 object-group TERMINAL-SERVICE log debugging
access-list OUTSIDE_IN extended permit tcp any 10.10.1.0 255.255.255.248 eq ftp log debugging
access-list INSIDE_NAT0_OUT extended permit ip 172.16.31.0 255.255.255.224 TO_VG2801 255.255.255.224
access-list INSIDE_ACCESS_IN extended permit ip 172.16.31.0 255.255.255.224 TO_VG2801 255.255.255.224
access-list INSIDE_ACCESS_IN extended permit ip 172.16.31.0 255.255.255.224 any
pager lines 24
logging enable
<--- More --->
             
logging asdm informational
mtu inside 1500
mtu outside 1500
mtu Wireless 1500
ip local pool SSLanyPOOL 192.168.100.1-192.168.100.30 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-613.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list INSIDE_NAT0_OUT
nat (inside) 1 172.16.31.0 255.255.255.224
nat (inside) 1 0.0.0.0 0.0.0.0
static (inside,outside) tcp interface 3389 172.16.31.5 3389 netmask 255.255.255.255
static (inside,outside) tcp interface ftp 172.16.31.5 ftp netmask 255.255.255.255
access-group OUTSIDE_IN in interface outside
route outside 0.0.0.0 0.0.0.0 10.10.1.1 1
route inside TO_VG2801 255.255.255.224 172.16.31.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
dynamic-access-policy-record DfltAccessPolicy
http server enable
http 192.168.1.0 255.255.255.0 inside
http 172.16.31.0 255.255.255.224 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address 172.16.31.20-172.16.31.30 inside
dhcpd dns 4.2.2.2 interface inside
dhcpd domain lionheartga.com interface inside
dhcpd enable inside
!
dhcpd address 192.168.10.10-192.168.10.20 Wireless
dhcpd dns 4.2.2.2 interface Wireless
dhcpd enable Wireless

threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
 enable outside
group-policy DfltGrpPolicy attributes
 webvpn
  url-list value CLSSList
username gary password errAU5UQcUDj.E7. encrypted privilege 15
username gary attributes
 webvpn
  url-list value CLSSList
!
class-map inspection_default
 match default-inspection-traffic
!
policy-map type inspect dns preset_dns_map
 parameters
  message-length maximum 512
policy-map global_policy
 class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny  
  inspect sunrpc
  inspect xdmcp
  inspect sip  
  inspect netbios
  inspect tftp
  inspect http
  inspect icmp
  inspect icmp error
Attachments:
 
ASA-config-june-2010.TXT (4 KB) (File Type Details) 
ASA_Config
 

Answer : ASA Static routing to Internal Router

Well, that is the issue for sure. I can tell you because I have that issue once and I had to learn it the hard way. Oracle needs that every different product is installed on different HOMES, not only directories but Logical Homes.

For Example, you should have:

1. Home_name1: ORA_DB
    Directory: C:\oracle\ora_db

2. Home_name2: ORA_Dev
    Directory: C:\oracle\ora_dev

Right, now you're REGEDIT must be mixed and that's why EM is not connecting to your database. What is weird is that your Oracle Developer SQL*Plus is able to connect.

If this is a test database and you really want to do this, you would need to:

1. Uninstall your products. (Using Oracle installer)
2. Make sure to remove the directories you were using.
3. Delete the whole entry for ORACLE on Regedit (LOCAL_MACHINE/SOFTWARE/ORACLE)
4. Re-install both products using different homes.

It's up to you. Let me know if how it goes if you decide to go this way.

Cheers and good luck!
Random Solutions  
 
programming4us programming4us