cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
553
Views
0
Helpful
5
Replies

How to enable ICMP

darkbeatzz
Level 1
Level 1

Hi

2 office is site 2 site vpn.

office 1 - london

office 2 - tokyo

from london I want to be able to ping the inside interface of tokyo across the VPN. Can some please tell me how to do this? I tried adding another cryptop acl for icmp but it did not work.

please help

thanks

5 Replies 5

andrew.prince
Level 10
Level 10

ICMP will be allowed by the "interesting" crypto access-list.

make sure the ACl allows just IP or also ICMP.

This has to be the same for both ends, also check your no-nat to insure you do not have any issues there.

HTH>

I have a crypto map applied on both fwalls for icmp

I also have on the tokyo side

icmp permit any inside

icmp permit any echo-reply inside

icmp permit any echo inside

icmp permit any outside

icmp permit any echo-reply outside

icmp permit any echo outside

and on the london side

icmp permit any inside

access-list outside_in extended permit icmp any any echo-reply

need some help here please

Post your config's from both devices for review, remove sensitive information.

here are both configs thanks

resolved myself. mangement network inside is the command that you need to achieve this

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco