cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
281
Views
0
Helpful
3
Replies

pings from ASA or ASA

augnevenok
Level 1
Level 1

Hi,

I have a site-to-site VPN between an ASA 5505 and a PIX 501. The tunnel connects to private LANs A and B.

Now from LAN A I can ping hosts on LAN B.

From ASA on LAN A can ping hosts on LAN A.

But I can't ping from ASA on A hosts behind PIX on remote LAN B. And vice versa from PIX on LAN B it is not possible to ping hosts on LAN A.

I can successfully ping Internet addresses from both ASA and PIX.

ICMP is allowed on both ASA and PIX.

Should specifically allow ICMP for the tunnel? What else might I miss?

Thank you.

Regards,

Alex

3 Replies 3

ccna2
Level 1
Level 1

Hi,

You need to issue the command: "management-access inside" in order for this to work.

Regards,

Thomas BJ.

"management-access inside" is enabled on both devices. Still cannot ping from device hosts that are behind the other device across VPN tunnel.

What should be enabled/allowed for these pings to come through?

Thank you very much.

Regards,

Alex

Hi Alex,

On each Firewall is the inside interface IP address included in the access-list specifying the interesting traffic?

Do you have filters configured?

Are you correctly using the ping command: "ping inside x.x.x.x"?

Regards,

Thomas BJ

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: