06-12-2007 07:50 AM - edited 03-11-2019 03:28 AM
I'm trying to figure out why I can't ping the inside management IP address of my ASA. I can ping any other IP on the same subnet from my desktop except this one. When I perform a debug icmp trace on the ASA, it shows the ping coming from my desktop but not returning.
Any suggestions? Thanks, Tony
06-12-2007 08:12 AM
Hi Tony,
It seems that sitting on the inside subnet, you are trying to ping the IP address on management interface which is not working. However, you are able to ping everything else on the management subnet. Please correct me if wrong.
You wont be able to ping the management interface IP. This is not allowed on firewall. Please refer to following link-
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml
"The information in this document is based on PIX Software versions 4.1(6) and later."
"You are not able to ping interfaces on the "far side" of the PIX in any version."
Hope this clear up things.
Regards,
Vibhor.
06-12-2007 08:28 AM
Hi Vibhor, thanks for the information, the diagram on that page helps. It's a little strange though, as I can ping the "inside" interface, which is on 10.2.1.0, from 10.4.13.0 (me), but can't ping the "management" interface, which is on 10.100.1.0.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide