10-14-2008 02:57 AM - edited 03-03-2019 11:55 PM
Hi
2 office is site 2 site vpn.
office 1 - london
office 2 - tokyo
from london I want to be able to ping the inside interface of tokyo across the VPN. Can some please tell me how to do this? I tried adding another cryptop acl for icmp but it did not work.
please help
thanks
10-14-2008 03:15 AM
ICMP will be allowed by the "interesting" crypto access-list.
make sure the ACl allows just IP or also ICMP.
This has to be the same for both ends, also check your no-nat to insure you do not have any issues there.
HTH>
10-14-2008 05:04 AM
I have a crypto map applied on both fwalls for icmp
I also have on the tokyo side
icmp permit any inside
icmp permit any echo-reply inside
icmp permit any echo inside
icmp permit any outside
icmp permit any echo-reply outside
icmp permit any echo outside
and on the london side
icmp permit any inside
access-list outside_in extended permit icmp any any echo-reply
need some help here please
10-14-2008 05:10 AM
Post your config's from both devices for review, remove sensitive information.
10-14-2008 05:33 AM
10-15-2008 01:56 AM
resolved myself. mangement network inside is the command that you need to achieve this
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: