minor issue ASA 5505

Unanswered Question
May 19th, 2008


I just installed ASA 5505 using at vlan2 external ip n at vlan 1 internal ip.. I can't ping external ip form internal ip n reverse. ?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
alanajjar Mon, 05/19/2008 - 06:35


To enable ASA interfaces to reply on ping command, use the following command :

icmp permit ip_address net_mask [icmp_type] if_name

ip_address is the ips that will be allowed to ping.

icmp_type is the message type, its optional you can use any to enable all icmp messages.

if_name is the name of the interface which will be pinged.

example ,if you want to grant icmp on outside interface for host

then the command will be:

icmp permit host outside

with regards

blue4cisco Mon, 05/19/2008 - 20:28

That's nice I try it.. can u tell me how do I access ASA cli mode remotely ?

alanajjar Mon, 05/19/2008 - 21:18


You can access ASA CLI by using telnet or SSH. for telnet access configure these commands :

telnet ip_addr mask if_name

ip_address is the address or range of addresses that will grant access the ASA. example:

telnet inside

to define password for telnet use the command :

passwd your_password

to use ssh, you need to define the following:

1- ssh ip_addr mask if_name

2- define a crypto key, use the command :

crypto key generate rsa general-keys

3- define the AAA authentication for users that will use ssh , use :

aaa authentication ssh console LOCAL

LOCAL word is case sensitive

4- define accounts for users to access the ASA :

username user password password

please rate the post if it solve the problem.

with regards


This Discussion