Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Can't ping sub-interfaces in ASA 5520

Hello, I have an ASA 5520 with 11 vlans configured on "internal" sub-interfaces and one interface configured for outside.

The ASA device is routing traffic correctly between vlans and outside interface but the sub-interfaces will not resopnd to ping or trace route commands.

While in command line via console, if I try to ping from outside interface to any internal sub-interface I get "no route to host" error.

If I'm on a pc on outside network and try to ping a pc on inside network (and vis-versa), this works fine but if I try to ping one of the router sub-interfaces I get no reply.

Is there a way to turn on ICMP for router interfaces ?

Thanks

1 REPLY

Re: Can't ping sub-interfaces in ASA 5520

Hi Scott,

Are you trying to ping router sub-interface or ASA inside- sub-interface?

To allow you tp ping ASA physical interface or sub-interfaces, use:

icmp permit

icmp permit

e.g

icmp permit any sub-intf01

http://www.cisco.com/en/US/products/ps6120/products_command_reference_chapter09186a00805fba52.html#wp1615091

Pinging from outside to internal sub-interface is not possible, unless for directly connected interface, e.g you can ping outside interface from outside/internet segment but not inside sub-interface and vice-versa.

Rgds,

AK

3111
Views
0
Helpful
1
Replies
CreatePlease to create content