We try to install a 5505 with no nat-control. We have public addresses (subnet) for outside and public for inside. But we cannot route between the two interfaces. We turn off nat-control and we removed all nat lines. We put in an ACL to allow traffic from outside to inside. (outside sec=0 inside sec=100) But in the syslogs we get the message while doing an ping or trace from the ASDM tools: unable to get next hop for xx.xx.xx.xx where xx is on our inside interface. We only put in a static route for the outside interface. 0.0.0.0/24 to next hop.
The asa is on a dmz_restricted license. Can that be the problem ? Or are we missing something ??
We are using pix 506 for a while like this but the asa is a little different in this