Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Can't ping management IP on ASA from inside

I'm trying to figure out why I can't ping the inside management IP address of my ASA. I can ping any other IP on the same subnet from my desktop except this one. When I perform a debug icmp trace on the ASA, it shows the ping coming from my desktop but not returning.

Any suggestions? Thanks, Tony

2 REPLIES
Silver

Re: Can't ping management IP on ASA from inside

Hi Tony,

It seems that sitting on the inside subnet, you are trying to ping the IP address on management interface which is not working. However, you are able to ping everything else on the management subnet. Please correct me if wrong.

You wont be able to ping the management interface IP. This is not allowed on firewall. Please refer to following link-

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml

"The information in this document is based on PIX Software versions 4.1(6) and later."

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml#pingsown

"You are not able to ping interfaces on the "far side" of the PIX in any version."

Hope this clear up things.

Regards,

Vibhor.

Community Member

Re: Can't ping management IP on ASA from inside

Hi Vibhor, thanks for the information, the diagram on that page helps. It's a little strange though, as I can ping the "inside" interface, which is on 10.2.1.0, from 10.4.13.0 (me), but can't ping the "management" interface, which is on 10.100.1.0.

1404
Views
0
Helpful
2
Replies
CreatePlease to create content