Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Unable to PING inside interface (from the inside !)

I've got an ASA running 8.4(2)

I've setup a simple IP address on one of it's ports. I've plugged in a PC to that port. The PC has been given the IP address of the ASA as it's default gateway.

From the ASA, I can ping the PC fine.

From the PC, I can't ping the ASA.

Using the "capture" command, I can see the ICMP echo request packests come in to the ASA, but nothing leaves.

Another interesting fact, is that the ASA never populates it's ARP table with the MAC address of the PC (despite the fact that it can PING it). Also, just running a plain capture on this interface shows the ASA repeatedly issuing ARP "who-has" packets. (The capture command shows the replies coming back, but a "sh arp" shows that the entries hasn't been learnt)

Any suggestions on how to fix or troubleshoot this ?

Thanks,

GTG

Please rate all helpful posts.
  • Firewalling
1 REPLY
New Member

Unable to PING inside interface (from the inside !)

I think ASA by default block ICMP packets as the outside interface is by default rejecting all the traffic as of the lower security.

Try to enable the ICMP on the outside interface by using this Cisco recommendation:

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a0080094e8a.shtml

251
Views
0
Helpful
1
Replies
This widget could not be displayed.