Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

ASA 5510 routing problem...

I have the following network as shown. I seem to have some problems configuring routes for the ASA 5510fw1.jpg.

I need hosts on network (HEADQUATER) to be able to ping the hosts on (BRANCH). But hosts on the headquater network can only ping the outside interface of the ASA firewall ( The hosts on HQ network are not able to ping the inside interface or the host on the branch network.

This is my firewall route configuration


network: next-hop:

network: next-hop:

How to fix this problem? Thanks in advance

Community Member

Re: ASA 5510 routing problem...


by design you cant ping the inside interface coming in from the outside.  

please post your config of the ASA - it could be your ACL's blocking echo-replies

the route on the ASA looks good but do need to the see the config of the ASA


Cisco Employee

Re: ASA 5510 routing problem...

On the ASA try adding "inspect icmp" and see if that helps.


Community Member

Re: ASA 5510 routing problem...

kusankar wrote:

On the ASA try adding "inspect icmp" and see if that helps.


its not really a acl problem, i have allowed all incoming and outgoing IP traffic on both interfaces. Its more like routing problem

I have a route (to my HEADQUATER network) on my OUTSIDE interface. But i dont have this route on my INSIDE interface. Which is why the echo-reply packets cannot find a way back when i ping the inside interface.

But if i try adding a route to the inside interface....the asa says a route with the same gateway already exists

Why is this so?

CreatePlease to create content