Cisco ASA 5510 issue

Unanswered Question
Jul 18th, 2007
User Badges:


I have Cisco ASA 5510 ,which 4 interface and one management interface

Please go through the following interface configuration and nat and access-list,then i have a PC connected a PC in the dmz switch whose IP add is /24

And I have another PC connected to inside zone whose Ip add is which is natted to for DMZ to Inside communication.

Now the issue is I am not able to ping( the PC (private IP is natted IP the dmz zone PC (from

Please help me to resolve the issue.

configuration details:

interface Ethernet0/0

nameif outside

speed 100

duplex full

security−level 0

ip address

no shut

interface Ethernet0/1

nameif inside

security−level 100

speed 100

duplex full

ip address

no shut

interface Ethernet0/2

nameif dmz

security−level 50

speed 100

duplex full

ip address

no shut

route Outside

nat (inside) 1 0 0

global (outside) 1 interface

static (inside,DMZ)


access−list DMZtoInside extended permit ip host host

access−group DMZtoInside in interface DMZ

Then trouble shooting by issuing clear xlate,then try pinging... but not pinging,from the ASA propmt I able to ping both inside interface IP and dmz interface IP,and both zone PCs,but not able to ping between PCS.

Please help me to resolve the issue.

Thanks and Regards,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
acomiskey Wed, 07/18/2007 - 10:19
User Badges:
  • Green, 3000 points or more

You must allow icmp in your acl.

access−list DMZtoInside extended permit icmp host host

Please rate helpful posts.


This Discussion