Can not ping thru ASA

Unanswered Question
Apr 4th, 2007

I have a ASA 5540 and currently two route statements one for the inside traffic and the other a DF route to the outside. The ACl I have is an extended ACL allowing IP to any any applied to the in interface inside, out interface inside. Yet I can not ping from an internal host thru the ASA nor can I ping from a external host to the internal network. Anyone have any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
abinjola Wed, 04/04/2007 - 10:45

either add this :-

ASA(config)# policy-map global_policy

ASA(config-pmap)# class inspection_default

ASA(config-pmap-c)# inspect icmp

or add an access list on the outside permitting the icmp

laverne-sanders Wed, 04/04/2007 - 11:07

I have an access-list that allows echo and echo reply but I can not ping thru the device. When logged into the console I can ping everywhere. I have an access-list on the Inside interface for in and out bound traffic that permits IP any any to inculde echo and echo reply.

acomiskey Wed, 04/04/2007 - 11:13

As abinjola said, you would need to allow echo-reply into outside interface. The ping is going out, but is being stopped on the way back.

abinjola Wed, 04/04/2007 - 11:22

as i've already explained eiher add inspect icmp or add an access-list on the "outside" Interface to allow the ping reply through

Actions

This Discussion