07-05-2008 01:09 AM - edited 03-11-2019 06:09 AM
Hi,
I have an ASA 5505 ver 8.2 with inside network 192.168.20.0/24 and 192.168.20.254 configured on inside interface.
Also I have an outside interface 10.10.10.1/24 with default gateway 10.10.10.254 assigned on ethernet of router.
On configuration I have :
access-list outside_access_in extended permit icmp any any
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 10.10.10.254
I try to ping from host on inside network the ethernet of the router but I can't do it .
Does anyone help me about ?
best rgeards
Lorenzo
07-05-2008 03:06 AM
could you show the configuration?
07-07-2008 10:58 AM
in any way...
for ping and trace from inside to outside you can do
policy-map global_policy
class inspection_default
inspect icmp
inspect icmp error
07-05-2008 03:24 AM
Hi, Did you use NAT or PAT command? If not then set up these commands and then try. Cheers!!!!!
07-05-2008 07:40 AM
I use pat on outside address,
best regards
Lorenzo
07-05-2008 10:51 AM
your pat statement should look like this then:
global (outside) 1 interface
(or something similar)...
does it?
if you're using the outside interface IP, use the 'interface' keyword in the global statement and not the actual ip of the outside interface.
try adding the following to your outside2in acl:
...permit icmp any any echo-reply
or turn on icmp inpsection.
07-07-2008 10:23 AM
turn on icmp inspection.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide