How can I make VPN Clients visible via icmp from the inside interface

Unanswered Question
Nov 24th, 2009

We want to reach all VPN Clients via the inside interface of the ASA  with icmp from the inside LAN.

We are using DAP with ACL's to reach targets on the inside LAN from the VPN Clients.


We only can reach the VPN Clients from hosts which have been opened via  DAP ACL.

We created ACL to allow icmp on the inside interface any any

We get this errror message.

6 Nov 24 2009 06:39:33 109025 512 0 Authorization denied (acl=DAP-ip-user-206AB50D) for user '<unknown>' from to on interface inside using ICMP

Can anyone help?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Ivan Martinon Wed, 12/02/2009 - 11:47

It seems to me that your DAP is too specific, you might need to broad your scope to include those hosts that are not being able to ping those clients.


This Discussion