I have a site-to-site VPN between an ASA 5505 and a PIX 501. The tunnel connects to private LANs A and B.
Now from LAN A I can ping hosts on LAN B.
From ASA on LAN A can ping hosts on LAN A.
But I can't ping from ASA on A hosts behind PIX on remote LAN B. And vice versa from PIX on LAN B it is not possible to ping hosts on LAN A.
I can successfully ping Internet addresses from both ASA and PIX.
ICMP is allowed on both ASA and PIX.
Should specifically allow ICMP for the tunnel? What else might I miss?