show run
: Saved
:
! REVIEW: software identity for this capture. 8.0(5) is an old ASA release
! train - confirm its support status and outstanding advisories with the
! vendor before relying on this device as a perimeter control.
ASA Version 8.0(5)
!
hostname ASA
domain-name ACME.COM
! `names` enables name-to-address substitution. The static NAT lines later in
! this listing use host1/host2/host3, but no `name` definitions appear here,
! so they were presumably removed when the output was sanitized.
names
!
! Layer-3 VLAN interfaces. Security level decides the default trust direction:
! 100 is most trusted, 0 is least trusted.
interface Vlan1
nameif inside
security-level 100
ip address 172.20.100.2 255.255.255.0
!
! NOTE(review): the outside address is 10.10.10.10/24, yet the default route
! and static NAT mapped addresses in this listing are in 207.189.108.x.
! Looks like partial address sanitization - confirm against the live device.
interface Vlan2
nameif outside
security-level 0
ip address 10.10.10.10 255.255.255.0
!
! NOTE(review): this interface is named MY_VLAN here, but the mtu, nat and
! access-group lines in this listing refer to CTS_VLAN, which is never
! defined. One of the two names was likely renamed during sanitization.
! Same security level (100) as inside, so traffic between the two is governed
! by the same-security-traffic setting rather than by level ordering.
interface Vlan200
nameif MY_VLAN
security-level 100
ip address 172.20.200.254 255.255.255.0
!
! Physical switch ports. Ethernet0/0 is the uplink in VLAN 2 (outside).
interface Ethernet0/0
switchport access vlan 2
!
! Ports with no switchport line carry no explicit VLAN assignment and no
! `shutdown` in this output, so they appear to be enabled in the platform
! default VLAN (presumably VLAN 1 / inside - verify). Unused ports are worth
! shutting down so a spare jack does not land on the trusted segment.
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
switchport access vlan 200
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
! Boot image, FTP mode and clock settings.
boot system disk0:/asa805-k8.bin
ftp mode passive
clock timezone PST -8
clock summer-time PDT recurring
! DNS server group is declared but no name-server entries are listed under it.
dns server-group DefaultDNS
! inter-interface: lets traffic pass between interfaces that share a security
! level (inside and the Vlan200 interface are both 100).
! intra-interface: lets traffic enter and leave the same interface (hairpin).
! Both widen what the firewall forwards, so the interface ACLs are the main
! control between the two internal segments.
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
! Service group generated by ASDM (DM_INLINE_ prefix). No access-list in this
! listing references it, so it appears to be unused.
! NOTE(review): it mixes tcp/nntp with udp/ntp - confirm nntp is intended and
! not a mistyped ntp.
object-group service DM_INLINE_SERVICE_1
service-object tcp eq nntp
service-object udp eq ntp
! Inbound policy for the outside interface. On this software generation the
! interface ACL is matched against the mapped (public) address of a static
! translation.
! NOTE(review): the permit for 10.10.10.11 https appears twice (duplicate
! entry), and no static translation for 10.10.10.11 is shown in this listing.
access-list outside_access_in extended permit tcp any host 10.10.10.11 eq https
access-list outside_access_in remark Wiki
access-list outside_access_in extended permit tcp any host 10.10.10.11 eq https
access-list outside_access_in remark Wiki
! NOTE(review): permits exist for 207.189.108.69 www and 207.189.108.71 https
! only. The listing also defines statics for 207.189.108.70 https and
! 207.189.108.69 https with no matching permit here, so those two services
! would be dropped by the implicit deny. Confirm which set reflects intent.
access-list outside_access_in extended permit tcp any host 207.189.108.69 eq www
access-list outside_access_in extended permit tcp any host 207.189.108.71 eq https
! NOTE(review): the source networks look swapped relative to where these ACLs
! are bound. MY_VLAN_access_in permits 172.20.100.0/24 (the Vlan1/inside
! subnet) and inside_access_in permits 172.20.200.0/24 (the Vlan200 subnet).
! As listed, hosts on each segment would not match their own interface ACL and
! would hit the implicit deny - verify against the running device.
! Both entries are `permit ip ... any`, i.e. no egress filtering by port or
! destination for whatever source does match.
access-list MY_VLAN_access_in extended permit ip 172.20.100.0 255.255.255.0 any
access-list inside_access_in extended permit ip 172.20.200.0 255.255.255.0 any
! Terminal paging.
pager lines 24
! NOTE(review): only the ASDM log buffer is set (informational). No
! `logging enable`, syslog host or timestamp setting appears in this output,
! so events do not appear to be exported off-box. For incident response the
! firewall should send logs to a remote collector.
logging asdm informational
mtu inside 1500
mtu outside 1500
! Refers to CTS_VLAN, while the Vlan200 interface is named MY_VLAN above.
mtu CTS_VLAN 1500
! Single unit, no failover peer.
no failover
! Rate-limits ICMP unreachable messages generated by the ASA itself.
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-623.bin
no asdm history enable
arp timeout 14400
! Dynamic PAT: every source address behind `inside` and `CTS_VLAN` (NAT id 1)
! is translated to the outside interface address when leaving via outside.
global (outside) 1 interface
nat (inside) 1 0.0.0.0 0.0.0.0
nat (CTS_VLAN) 1 0.0.0.0 0.0.0.0
! Static port translations publishing internal hosts on public addresses.
! host1/host2/host3 rely on `name` definitions that are not in this listing.
! Each published service also needs a matching permit in outside_access_in;
! compare against that ACL (see the .70 https and .69 https entries).
static (inside,outside) tcp 207.189.108.70 https host1 https netmask 255.255.255.255
static (inside,outside) tcp 207.189.108.71 https host2 https netmask 255.255.255.255
! NOTE(review): the netmask on the next line reads 255.255.255.25, which is
! not a valid mask - almost certainly a truncated paste of 255.255.255.255.
static (inside,outside) tcp 207.189.108.69 https host3 https netmask 255.255.255.25
static (inside,outside) tcp 207.189.108.69 www host3 www netmask 255.255.255.255
! Bind the ACLs inbound on each interface. The third binding names CTS_VLAN,
! which does not match the nameif (MY_VLAN) shown on interface Vlan200.
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
access-group MY_VLAN_access_in in interface CTS_VLAN
!
! EIGRP AS 500 advertises the two internal /24 networks. The outside interface
! is passive, so no EIGRP adjacency is formed toward the untrusted side.
! NOTE(review): no EIGRP authentication settings appear under the interfaces
! in this listing. Without neighbor authentication, any device on the internal
! segments could inject routes - confirm whether it is configured.
router eigrp 500
network 172.20.100.0 255.255.255.0
network 172.20.200.0 255.255.255.0
passive-interface outside
!
! Default route. The next hop 207.189.108.65 is not inside the outside
! interface subnet shown above (10.10.10.0/24) - another sign the addresses
! were only partly sanitized.
route outside 0.0.0.0 0.0.0.0 207.189.108.65 1
! Idle timers for translations, connections and inspected protocols
! (h:mm:ss). These bound how long idle state stays in the xlate/conn tables.
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-record DfltAccessPolicy
! Management-plane authentication: enable, HTTPS/ASDM, serial console and SSH
! all authenticate against the LOCAL user database.
! NOTE(review): no `username`, `enable password` or `passwd` lines appear in
! this listing (presumably stripped before posting). There is no AAA server,
! so there is no central account control or off-box audit trail for admin logins.
aaa authentication enable console LOCAL
aaa authentication http console LOCAL
aaa authentication serial console LOCAL
aaa authentication ssh console LOCAL
! HIGH RISK: the ASDM/HTTPS management server accepts connections from any
! source address (0.0.0.0 0.0.0.0) on the outside interface. The management
! login is therefore reachable from the untrusted network and protected only
! by local passwords. Restrict the outside entry to specific administrator
! addresses, or remove it and manage over VPN or from inside only.
! The inside entry is also any-source; narrow it to the admin subnet.
http server enable
http 0.0.0.0 0.0.0.0 outside
http 0.0.0.0 0.0.0.0 inside
no snmp-server location
no snmp-server contact
! Traps are enabled, but no snmp-server host is shown to receive them.
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
! A Telnet idle timeout is set, but no telnet permit lines are present, so
! Telnet is not allowed from any address in this listing.
telnet timeout 5
! HIGH RISK: SSH is likewise permitted from any source on the outside
! interface, exposing it to password guessing from the internet. Limit the
! outside entry to known management addresses or remove it.
! NOTE(review): no `ssh version` line is shown - confirm the device is
! restricted to SSH version 2.
ssh 0.0.0.0 0.0.0.0 inside
ssh 0.0.0.0 0.0.0.0 outside
ssh timeout 5
! console timeout 0 disables the idle timeout on the serial console, so an
! abandoned console session stays logged in. Set a finite value where
! physical access is not tightly controlled.
console timeout 0
! Basic threat detection and per-ACL statistics are on; TCP-intercept
! statistics are off. These produce counters and syslog events, so their value
! for detection depends on logging being enabled and exported, which the
! logging lines in this listing do not show.
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
|