Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5520 Firewall configuration Problem

I have an ASA 5520 placed between two different networks and have to provide interconnectivity between them. The ASA is placed between two Layer 3 switches. I had configured ASA as below:

interface GigabitEthernet0/0 //(Outside)

nameif Network-2

security-level 0

ip address 10.66.88.100 255.255.255.0

!

interface GigabitEthernet0/1 //(Inside)

nameif Network-1

security-level 100

ip address 10.68.1.7 255.255.255.0

global (Network-2) 1 10.66.0.0 netmask 255.255.0.0

nat (Network-1) 1 10.68.1.0 255.255.255.0 0 0

route Network-2 10.66.1.0 255.255.255.0 10.66.88.200 1

Note:

1.) Say the two different networks are 10.68.1.0 (network A) and 10.66.1.0 (network B)

2.) 10.66.88.200 is the next hop ip address of the layer3 switch at Network-B

I am able to ping all the systems in the two networks from the ASA.

I am unable to ping interface 10.66.88.100 from Network-A and Network B. How to resolve the problem?? Please guide?.

All helpful posts will be rated

Thanks in Advance

Sridhar

1 REPLY
Hall of Fame Super Blue

Re: ASA 5520 Firewall configuration Problem

Hi

To allow network B to ping the outside interface try adding this to config

asa(config)# icmp permit 10.66.1.0 255.255.255.0 outside

I don't believe that the ASA device allows you to ping an interface that is remote ie.

from the inside you can only ping the inside interface of the ASA,, you cannot ping the outside interface and vice-versa.

HTH

Jon

244
Views
0
Helpful
1
Replies