08-13-2010 09:40 AM
Very old problem. Tunnel comes up I am able to ping and connect any host from ASA inside network to Sonicwall insidenetwork but I am not able to connect any host from Sonicwall network to ASA inside network. Pind is even not working. I know i see many geeks around should solve this preety quickly.
Sonicwall Pro3060
Outside: 4.2.2.1
Inside: 192.168.208.0/24
ASA
Outside: 4.2.2.2
Inside: 192.168.98.0/24
Attached is the configuration for the ASA.
Thanks in Advance.
08-13-2010 10:11 AM
It is possible that there is more than one problem. But the first issue that I notice is the access list applied to your outside interface:
access-list inbound extended permit icmp any any echo-reply
access-list inbound extended permit icmp any any unreachable
access-list inbound extended permit icmp any any time-exceeded
!
access-group inbound in interface outside
With this access list I wonder that the tunnel comes up. And since it permits echo-reply but does not permit echo, then it would allow the network at the peer to respond to ping but not allow them to initiate ping.
Fix the issue with the access list and then let us know what happens.
HTH
Rick
08-13-2010 12:58 PM
Hey Richard,
That was good catch. Tunnel was down due to those access list. it was not working at all.
I had reset it to default and reconfigured the ASA tunnel is backup and now I am able to ping devices at both end.
The onlye problem now I am facing is I am not able to ping inside interface IP of ASA that is 192.168.98.2. I am able to ping any device behind inside interface.
Find attached current config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide