NAT and ACLs for cisco ASA 5520

[eijal_85]

Hi there,

i am newbie on configuring ASA firewall. I got stuck on configuring NAT and ACLs.
My big problem are:

1)The inside network cannot communicate with interface on inside ASA firewall

2)My CSC-SSM also cannot communicate with the ASDM after i configure the CSC-SSM wizard.

Here are the situation of problem no.1.

i have 3 interface:

outside - 172.16.1.1/24
DMZ - 10.10.10.1/24
inside - 192.168.99.5/24

FYI, my ASA are running ACTIVE/ACTIVE failover.

I have 2 core switch that connected both ASA that i was assign the ip address (core1)192.168.99.2 that directly connected to inside interface ASA_1 (192.168.99.5) and ip address 192.168.99.3(core2)directly connected to inside interface ASA_2 (192.168.99.6). On core switch, i put the last resort gateway 0.0.0.0 0.0.0.0 192.168.99.5 for core1 and core2 0.0.0.0 0.0.0.0 192.168.99.6. The internal routing (from core switch and below) is ok, no problem at all. The problem is, from the core switch, i cant ping the inside interface on both ASA. I already configure the ACLs any to any to pass all the traffic but it seems not working.

Here are the situation of problem no.2.

I buy the ASA with the CSC-SSM slot. I already registered the license and cisco gave me the base license and plus license. On part license i think no problem at all. ok, after i go through the csc-ssm wizard. i configure the ip management for csc-ssm slot is 1.1.1.1/24 and the gateway 1.1.1.1/24. After finished the configuration, i try to launch the csc-ssm through asdm but the error appears said that the ip management csc-ssm are not reachable. I also put a routing on the asdm but still not working.do i need the ACL or NAT to make them communicate?

here are the config.

management0/0 - 10.0.1.6/24
csc-ssm - 1.1.1.1/24
allowing trafic access - 0.0.0.0/24


I already give my effort to try understanding how the NAT and ACLs works but i have got confused the flow of the NAT and ACLs. Please help me to solve this issued or give me some clues