ASA Inside Interface

Unanswered Question
Apr 15th, 2010
User Badges:

1) I have site to site tunnel between ASA 5520 and sonicwall Pro3060
2) Tunnel is terminated on ASA on int0/2(dmz) and on Sonicwall X5(dmz)

I am able to bring tunnel up. From ASA to sonicwall I am able to ping sonicwall Lan interface and all LAN ip BUT from Sonicwall side I am not able to ping ASA inside interface IP and from ASA I am not able to ping any LAN side IP of sonicwall.

Below is the network topology and attached is config.


I am trying to setup ASA for AAA accounting and authentication and with PRTG to monitor. Tacas server is on Sonicwall LAN ip and PRTG

If I try to ping those two servers IP from ASA sourcing inside interface it is not responding.


USMR02AS01# ping inside
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to, timeout is 2 seconds:
Success rate is 0 percent (0/5)

Any help/input appreciated.

Nice Day

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Federico Coto F... Thu, 04/15/2010 - 13:33
User Badges:
  • Green, 3000 points or more


The crypto map that is applied to the DMZ interface is permitting the following traffic through the tunnel:

access-list dmz1_1_cryptomap_1 extended permit ip inside MR-LAN

In other words:

Between networks and

So, make sure that both internal LANs have a default gateway pointing to the VPN device, or a route to the other end pointing to the VPN device.



This Discussion