Can not ping thru ASA

Unanswered Question
Apr 4th, 2007
User Badges:

I have a ASA 5540 and currently two route statements one for the inside traffic and the other a DF route to the outside. The ACl I have is an extended ACL allowing IP to any any applied to the in interface inside, out interface inside. Yet I can not ping from an internal host thru the ASA nor can I ping from a external host to the internal network. Anyone have any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
abinjola Wed, 04/04/2007 - 10:45
User Badges:
  • Cisco Employee,

either add this :-

ASA(config)# policy-map global_policy

ASA(config-pmap)# class inspection_default

ASA(config-pmap-c)# inspect icmp

or add an access list on the outside permitting the icmp

laverne-sanders Wed, 04/04/2007 - 11:07
User Badges:

I have an access-list that allows echo and echo reply but I can not ping thru the device. When logged into the console I can ping everywhere. I have an access-list on the Inside interface for in and out bound traffic that permits IP any any to inculde echo and echo reply.

acomiskey Wed, 04/04/2007 - 11:13
User Badges:
  • Green, 3000 points or more

As abinjola said, you would need to allow echo-reply into outside interface. The ping is going out, but is being stopped on the way back.

abinjola Wed, 04/04/2007 - 11:22
User Badges:
  • Cisco Employee,

as i've already explained eiher add inspect icmp or add an access-list on the "outside" Interface to allow the ping reply through


This Discussion