Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
702
Views
0
Helpful
2
Replies

ASA 5505 - Can ping through but not to ASA over site-to-site VPN tunnel

Go to solution
grantl
Level 1
Level 1

‎08-23-2007 02:28 PM - edited ‎03-11-2019 04:02 AM

We have a site-to-site VPN set up between our HQ (10.1.0.x) and a remote site (10.1.5.x). The HQ device is a PIX 515, and the remote device is an ASA 5505.

The tunnel is up and passing traffic. I can ping from any device on the HQ network to any device on the remote network. All IP traffic seems to be fine, as specified by the cryptomap and nonat access lists. The problem is this: I cannot ping the internal interface of the ASA device directly (10.1.5.1) from the HQ network. I'd like to be able to do this so as to monitor the tunnel's up/down status.

We have another remote device (PIX 501) that does allow its internal interface to be pinged through its VPN tunnel. What is different about the ASA that it does not allow this behavior?

TIA for your help.

Grant

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
acomiskey
Level 10
Level 10

‎08-23-2007 02:46 PM

try adding...

management-access inside

Please rate helpful posts.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
acomiskey
Level 10
Level 10

‎08-23-2007 02:46 PM

try adding...

management-access inside

Please rate helpful posts.

0 Helpful

Go to solution
grantl
Level 1
Level 1
In response to acomiskey

‎08-24-2007 07:50 AM

Perfect. Thanks!

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card