Ping Remote ASA's Internal Interface Through VPN

Unanswered Question
Feb 29th, 2008
User Badges:

Hello everyone,


I'm trying to ping a remote ASA's internal interface through an L2L VPN, but I'm getting a


Denied ICMP type = 8, code = 0 from 192.168.0.7on interface 1


in my debug icmp trace when I do so.


It's pretty strange because I have another ASA close to that location with no funky configs and it pings fine.


I can ping to devices behind the ASA in question which have the same subnet IPs.


I've enabled:


icmp permit any echo-reply inside

icmp permit any echo-reply outside


and I've even enabled:


management-access inside


but still no luck...


I'd appreciate it if anyone had any insight of what's happening here and shared it with me.


-Ali

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
amiralisetoudeh Fri, 02/29/2008 - 10:55
User Badges:

Ok - I think I got it right.


I enabled:


icmp permit any inside


and it started working... hmm. Looks like it needs something more than echo-reply to reply to pings?


-Ali

Actions

This Discussion