VPN anyconnect no Ping ip firewall

Unanswered Question
Apr 10th, 2012
User Badges:

II have a management network 192.168.5.x and VPN network 192.168.25.x. I can ping a all my network elements except to firewall (ASA5510). The ASA has the IP 192.168.5.1. I think that the firewall has some restriction but I don't know. I have 8.2 software and anyconnenct 3.0 and work fine. If I am in the management network (192.168.5.7), I can ping to firewall. The restrict is with the VPN network.


Thanks,


Sent from Cisco Technical Support iPhone App

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jouni Forss Tue, 04/10/2012 - 04:51
User Badges:
  • Super Bronze, 10000 points or more

Hi,


I gather you are trying to ping the ASA inside interface from a connected VPN Client?


To my understanding this is not possible.


You can't ping an interface IP address from behind some other interface on the ASA. In this case it would be a ICMP echo coming from outside to inside interface IP


To otherwise enable ICMP to ASA interface use the following command format


icmp permit/deny


- Jouni

Polkara10 Tue, 04/10/2012 - 07:55
User Badges:

Thanks but didn't work.


Sent from Cisco Technical Support iPhone App

Jouni Forss Tue, 04/10/2012 - 08:00
User Badges:
  • Super Bronze, 10000 points or more

Hey,


As I said you can't ping an ASA interface behind another interface.


So pinging from VPN Client host (which is behind outside) to inside interface IP (which is "behind" inside interface) isnt possible to my knowledge.


The command format I added is just to point out how you can allow ICMP when you are pinging the ASA interface IP behind that same interface.


- Jouni

Actions

This Discussion