
Can't ping remote ASA over a L2L

cowetacoit
Level 1

I have an ASA5520 and about 10 5505s, all running site-to-sites. The tunnels are up and everything has been running fine. However, on the local side I can't ping the remote ASA, but I can ping all the devices behind it. On the remote side I can ping the 5520 and everything else on my network I am allowing. When I watch the log in the ASDM on the 5520, nothing shows up related to the ping to the 5505. On the 5505 I don't see where it is blocking ICMP. It just says

"6 Aug 14 2008 05:40:49 302020 10.0.3.69 192.168.1.101 Built outbound ICMP connection for faddr 10.0.3.69/512 gaddr 192.168.1.101/0 laddr 192.168.1.101/0"

and

"6 Aug 14 2008 05:40:49 302021 10.0.3.69 192.168.1.101 Teardown ICMP connection for faddr 10.0.3.69/512 gaddr 192.168.1.101/0 laddr 192.168.1.101/0"

This is normal traffic for a S2S, I assume. While I'm trying to get this working I have this configured:

icmp permit any inside

icmp permit any outside

Any suggestions?

Accepted Solutions

acomiskey
Level 10

If you're trying to ping the inside interface from across the tunnel, try adding...

management-access inside


3 Replies

That command did work. I was able to ping the inside interface; however, I lost ASDM communication. Any suggestions?

I got it. Thanks. I didn't add the remote inside network to the allowed http.
