PIX 6.3 , ping can't go through ?!

Unanswered Question
Sep 13th, 2010

hi all , we have a scenario that a pix is installed in a remote site and has a vpn connection with the HQ (ASA 8) , the vpn is up but the I can't ping the LAN from eithwr both sites , but also I can do remote desktop from both sites ?!! can anyone help please .

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dhananjoy chowdhury Mon, 09/13/2010 - 04:03

Hi,

Check whether ICMP is allowed in your Crypto ACL on both sides.

Also check if icmp inspection is enabled.

policy-map global_policy
    class inspection_default
     inspect icmp

khdouradtech Mon, 09/13/2010 - 05:10

first to be clear the HQ has more than one remote site and all are working except the newly configured remote site, on the pix I put the command (fixup protocol icmp error) and still nothing ?! it does not take the commands you mentioned before because its version is 6.3(4) and the ACL regarding the VPN is permit ip => everything is open for now, so do you have something in mind upon this reply ?

dhananjoy chowdhury Mon, 09/13/2010 - 04:04

Hi,

Check whether ICMP is allowed in your Crypto ACL on both  sides.

Also check if icmp inspection is enabled.

policy-map global_policy
    class inspection_default
     inspect icmp

Actions

This Discussion