Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
18553
Views
0
Helpful
3
Replies

loopback interface in ASA or FWSM

snarayanaraju
Level 4
Level 4

‎08-21-2009 10:27 PM - edited ‎03-11-2019 09:08 AM

Hi experts,

Is it possible to create loopback interfaces in FWSM or ASA firewall

The need is i want a interface command to the firewall as I am facing problem in pinging one interface IP ADDRESS from the other zones.

Thanks in advance

sairam

Labels:
0 Helpful
3 Replies 3

Kevin Redmon
Cisco Employee
Cisco Employee

‎08-23-2009 06:21 AM

Sairam,

No - Cisco firewalls do NOT allow for a loopback address. If you are having issues with pinging a certain interface IP address, please be sure that you are pinging the interface closest to the client machine - ie NOT another interface. Unlike a router, the Cisco firewalls do NOT allow you to ping a "far-side" interface. Also, be sure that you have 'icmp permit ' for the relevant interface.

0 Helpful

mgs
Level 1
Level 1
In response to Kevin Redmon

‎10-24-2009 03:03 AM

Not entirely true. You can issue the 'management-access inside' command, which will enable you to SSH and issue ping/snmp commands on the inside interface IP eg. from the far-end of a IPsec tunnel configured.

0 Helpful

cisco24x7
Level 6
Level 6
In response to mgs

‎10-24-2009 03:16 PM

"Also, be sure that you have 'icmp permit ' for the relevant interface"

This is NOT true. Pix/ASA, by default, will let you ping the interface, unless explicitly dennied.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card