ASA 505 inside not responding to ping.

Unanswered Question
Aug 18th, 2008

I have an ASA 505 all have an ACL in place to allow the management net xxx.xxx. 21.0 0.0.0.255 to ping any computer on the inside of the ASA. Now when I send a ping request it asa gives me the following response.

"Routing failed to locate next hop for icmp from inside 10.xx.180.1/o to xx.xxx.21.60

I have a gateway of last resort set staticlly as

S* 0.0.0.0 0.0.0.0 [1/0] via xxx.xxx.120.125, outside.

My ACl seems to be working

6 Aug 18 2008 11:42:36 302020 xxx.xxx.21.60 10.xxx.180.1 Built inbound ICMP connection for faddr xxx.xx.21.60/768 gaddr 10.xxx.180.1/0 laddr 10.xxx.180.1/0

Any help would be great.

Thanks

mike

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
ggilbert Mon, 08/18/2008 - 09:40

Mike,

From the management network side if you are trying to access something on the inside, then you would need to have some kind of translation & permission depending on the security levels of the interface.

Do you have them?

Gilbert

ggilbert Mon, 08/18/2008 - 09:42

Mike,

If you do have them, then are you permitting on the ACL to allow the ICMP packet.

Its hard to say without seeing the configs.

Would it be possible if you could get the section of the config, pasted.

Gilbert

michael.m.williams Mon, 08/18/2008 - 10:32

Here is my config.

The ITS_MGT subnet is xxx.xxx.21.0

ACL is in place to allow ping. Just can't seem to rout response out of ASA.

error again is.

6 Aug 18 2008 13:29:03 110003 10.xx.180.1 xxx.xx.21.60 Routing failed to locate next hop for icmp from inside:10.xx.180.1/0 to inside:xxx.xx.21.60/0

thanks

mike

Actions

This Discussion