minor issue ASA 5505

blue4cisco · ‎05-19-2008

Hi,

I just installed ASA 5505 using at vlan2 external ip n at vlan 1 internal ip.. I can't ping external ip form internal ip n reverse. ?

??

alanajjar · ‎05-19-2008

Hi,

To enable ASA interfaces to reply on ping command, use the following command :

icmp permit ip_address net_mask [icmp_type] if_name

ip_address is the ips that will be allowed to ping.

icmp_type is the message type, its optional you can use any to enable all icmp messages.

if_name is the name of the interface which will be pinged.

example ,if you want to grant icmp on outside interface for host 10.1.1.1

then the command will be:

icmp permit host 10.1.1.1 outside

with regards

blue4cisco · ‎05-19-2008

That's nice I try it.. can u tell me how do I access ASA cli mode remotely ?

alanajjar · ‎05-19-2008

Hi,

You can access ASA CLI by using telnet or SSH. for telnet access configure these commands :

telnet ip_addr mask if_name

ip_address is the address or range of addresses that will grant access the ASA. example:

telnet 10.1.1.0 255.255.255.0 inside

to define password for telnet use the command :

passwd your_password

to use ssh, you need to define the following:

1- ssh ip_addr mask if_name

2- define a crypto key, use the command :

crypto key generate rsa general-keys

3- define the AAA authentication for users that will use ssh , use :

aaa authentication ssh console LOCAL

LOCAL word is case sensitive

4- define accounts for users to access the ASA :

username user password password

please rate the post if it solve the problem.

with regards