Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can not ping thru ASA

I have a ASA 5540 and currently two route statements one for the inside traffic and the other a DF route to the outside. The ACl I have is an extended ACL allowing IP to any any applied to the in interface inside, out interface inside. Yet I can not ping from an internal host thru the ASA nor can I ping from a external host to the internal network. Anyone have any ideas?

5 REPLIES
Cisco Employee

Re: Can not ping thru ASA

either add this :-

ASA(config)# policy-map global_policy

ASA(config-pmap)# class inspection_default

ASA(config-pmap-c)# inspect icmp

or add an access list on the outside permitting the icmp

New Member

Re: Can not ping thru ASA

I have an access-list that allows echo and echo reply but I can not ping thru the device. When logged into the console I can ping everywhere. I have an access-list on the Inside interface for in and out bound traffic that permits IP any any to inculde echo and echo reply.

Green

Re: Can not ping thru ASA

As abinjola said, you would need to allow echo-reply into outside interface. The ping is going out, but is being stopped on the way back.

Silver

Re: Can not ping thru ASA

Here is a good link for ICMP on the ASA.

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml#topic0

Thanks,

Chad

Please rate if this helps!

Cisco Employee

Re: Can not ping thru ASA

as i've already explained eiher add inspect icmp or add an access-list on the "outside" Interface to allow the ping reply through

276
Views
0
Helpful
5
Replies
CreatePlease login to create content