Talking to Pix inside interface over VPN tunnel

stephen.simpson · ‎07-15-2007

I have had this problem a couple of times and have not resolved it yet. I have a Pix that I manage at a remote site via SSH to the outside interface. The remote Pix has an IPSEC VPN tunnel to my main site Pix. I want to use SNMP from my main site to the inside interface of the remote Pix. But I can't SNMP or ping to the remote Pix inside interface. Also, when on the remote Pix, I can't ping my main site SNMP server using ping inside x.x.x.x or ping outside x.x.x.x. However, devices that are on the remote network can talk to the SNMP server and other devices in my main site network. Is there a specific command that allows the Pix inside interface to talk over the VPN tunnel? The SNMP server and Pix interface are in the all the ACLs on the both Pixs (crypto ACL, No-Nat ACL, outside ACL).

froggy3132000 · ‎07-15-2007

print output of

show icmp

or

sh run icmp

amitbatra · ‎07-15-2007

hello my friend,

well when u try to ping from the firewall itself. the source IP of the traffic is the outside interface. and the destination is the SNMP server. which is private. thats why its not working.

if u add a line in the access-list for VPN connection and add the source IP as outside interface and destination as snmp. that might work.

hope this helps u.