Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
319
Views
0
Helpful
2
Replies

Ping Issue

sameoj1881
Level 1
Level 1

‎10-04-2008 05:24 AM - edited ‎03-11-2019 06:53 AM

I am using an ASA 5510 between my inside network and the internet router.

I cannot ping my ASA outside interface and the internet router inside interface.

Here is what I want to achieve:

1. I want my inside users to get to the internet using the proxy addr

2. I want my inside users to ping the outside int of the ASA.

3. I want remote users to access just 3 servers in my inside network, these servers also have a public addresses.

Attached is the config I have presently on the ASA.

Can someone please help me by providing the configs that will make me achieve these tasks stated above.

Thanks in advance.

Labels:
Preview file
5 KB
0 Helpful
2 Replies 2

abinjola
Cisco Employee
Cisco Employee

‎10-04-2008 09:53 AM

"I want my inside users to ping the outside int of the ASA."

By design, you cannot ping indirectly coonnected Interfaces.i.e from inside LAN you cannot ping outside Interface and from outside machine you cannot ping inside interface, thats how ASA is designed

2)Now firstly your default route is not in the same subnet as the outside Interface , why is that ?

Outside Interface:-

ip address 194.203.x.x 255.255.255.0

Default Route :

route outside 0.0.0.0 0.0.0.0 10.163.x.x 1( isp )

Thirdly, do you have a route on Router for the block 62.x.x.x pointing back to ASA outside Interface ?

check the above things and let me know

0 Helpful

sameoj1881
Level 1
Level 1
In response to abinjola

‎10-06-2008 08:51 AM

Thanks for your.

The issue now is that 1 of the servers can connect to the internet but the ISA and exchange server cannot connect yet. These servers are part of the inside users and I want everybody except for these 3 servers to go thru the proxy which is the ISA.

1. I have observed and changed the default route to:route outside 0.0.0.0 0.0.0.0 194.204.x.x which is the internet router inside int.

2. the route I have on the router are:

ip route 0.0.0.0 0.0.0.0 10.163.x.x

ip route 62.x.x.x 255.255.255.255 fa0/0

ip route 62.x.x.x 255.255.255.255 fa0/0

ip route 62.x.x.x 255.255.255.255 fa0/0

There is no route on the router on the block of 62.x.x.x pointing back to ASA outside int.

Can you please help me with the command to achieve this. I have limited access to the internet router cos its belongs to the ISP.

I expect your reply. Thanks.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card