Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Ping Issue

I am using an ASA 5510 between my inside network and the internet router.

I cannot ping my ASA outside interface and the internet router inside interface.

Here is what I want to achieve:

1. I want my inside users to get to the internet using the proxy addr

2. I want my inside users to ping the outside int of the ASA.

3. I want remote users to access just 3 servers in my inside network, these servers also have a public addresses.

Attached is the config I have presently on the ASA.

Can someone please help me by providing the configs that will make me achieve these tasks stated above.

Thanks in advance.

2 REPLIES
Cisco Employee

Re: Ping Issue

"I want my inside users to ping the outside int of the ASA."

By design, you cannot ping indirectly coonnected Interfaces.i.e from inside LAN you cannot ping outside Interface and from outside machine you cannot ping inside interface, thats how ASA is designed

2)Now firstly your default route is not in the same subnet as the outside Interface , why is that ?

Outside Interface:-

ip address 194.203.x.x 255.255.255.0

Default Route :

route outside 0.0.0.0 0.0.0.0 10.163.x.x 1( isp )

Thirdly, do you have a route on Router for the block 62.x.x.x pointing back to ASA outside Interface ?

check the above things and let me know

New Member

Re: Ping Issue

Thanks for your.

The issue now is that 1 of the servers can connect to the internet but the ISA and exchange server cannot connect yet. These servers are part of the inside users and I want everybody except for these 3 servers to go thru the proxy which is the ISA.

1. I have observed and changed the default route to:route outside 0.0.0.0 0.0.0.0 194.204.x.x which is the internet router inside int.

2. the route I have on the router are:

ip route 0.0.0.0 0.0.0.0 10.163.x.x

ip route 62.x.x.x 255.255.255.255 fa0/0

ip route 62.x.x.x 255.255.255.255 fa0/0

ip route 62.x.x.x 255.255.255.255 fa0/0

There is no route on the router on the block of 62.x.x.x pointing back to ASA outside int.

Can you please help me with the command to achieve this. I have limited access to the internet router cos its belongs to the ISP.

I expect your reply. Thanks.

104
Views
0
Helpful
2
Replies