Ping Issue

Unanswered Question
Oct 4th, 2008
User Badges:

I am using an ASA 5510 between my inside network and the internet router.

I cannot ping my ASA outside interface and the internet router inside interface.

Here is what I want to achieve:

1. I want my inside users to get to the internet using the proxy addr

2. I want my inside users to ping the outside int of the ASA.

3. I want remote users to access just 3 servers in my inside network, these servers also have a public addresses.

Attached is the config I have presently on the ASA.

Can someone please help me by providing the configs that will make me achieve these tasks stated above.

Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
abinjola Sat, 10/04/2008 - 09:53
User Badges:
  • Cisco Employee,

"I want my inside users to ping the outside int of the ASA."

By design, you cannot ping indirectly coonnected Interfaces.i.e from inside LAN you cannot ping outside Interface and from outside machine you cannot ping inside interface, thats how ASA is designed

2)Now firstly your default route is not in the same subnet as the outside Interface , why is that ?

Outside Interface:-

ip address 194.203.x.x

Default Route :

route outside 10.163.x.x 1( isp )

Thirdly, do you have a route on Router for the block 62.x.x.x pointing back to ASA outside Interface ?

check the above things and let me know

sameoj1881 Mon, 10/06/2008 - 08:51
User Badges:

Thanks for your.

The issue now is that 1 of the servers can connect to the internet but the ISA and exchange server cannot connect yet. These servers are part of the inside users and I want everybody except for these 3 servers to go thru the proxy which is the ISA.

1. I have observed and changed the default route to:route outside 194.204.x.x which is the internet router inside int.

2. the route I have on the router are:

ip route 10.163.x.x

ip route 62.x.x.x fa0/0

ip route 62.x.x.x fa0/0

ip route 62.x.x.x fa0/0

There is no route on the router on the block of 62.x.x.x pointing back to ASA outside int.

Can you please help me with the command to achieve this. I have limited access to the internet router cos its belongs to the ISP.

I expect your reply. Thanks.


This Discussion