cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
435
Views
5
Helpful
3
Replies

Can't ping remote ASA over a L2L

cowetacoit
Level 1
Level 1

I have an ASA5520 and about 10 5505's. All running Site to Sites. The tunnels are up and everything has been running fine. Although on the Local side i can't ping the remote ASA, but i can ping all the devices behind it. On the remote side i can ping the 5520 and everything else on my network i am allowing. When i watch the log in the ASDM on the 5520 nothing shows up related to the ping to the 5505. On the 5505 i don't see where it is blocking ICMP. It just says

"6 Aug 14 2008 05:40:49 302020 10.0.3.69 192.168.1.101 Built outbound ICMP connection for faddr 10.0.3.69/512 gaddr 192.168.1.101/0 laddr 192.168.1.101/0"

and

"6 Aug 14 2008 05:40:49 302021 10.0.3.69 192.168.1.101 Teardown ICMP connection for faddr 10.0.3.69/512 gaddr 192.168.1.101/0 laddr 192.168.1.101/0"

This is normal traffic for a S2S i assume. While i'm trying to get this working i have this configured,

icmp permit any inside

icmp permit any outside"

Any suggestions?

1 Accepted Solution

Accepted Solutions

acomiskey
Level 10
Level 10

If you're trying to ping the inside interface from across the tunnel, try adding...

management-access inside

View solution in original post

3 Replies 3

acomiskey
Level 10
Level 10

If you're trying to ping the inside interface from across the tunnel, try adding...

management-access inside

That command did work. I was able to ping the inside interface however i lost ASDM communication. Any suggestions?

i got it. thanks. i didn't add the remote inside network to the allowed http

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: