Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

Ping Remote ASA's Internal Interface Through VPN

Hello everyone,

I'm trying to ping a remote ASA's internal interface through an L2L VPN, but I'm getting a

Denied ICMP type = 8, code = 0 from interface 1

in my debug icmp trace when I do so.

It's pretty strange because I have another ASA close to that location with no funky configs and it pings fine.

I can ping to devices behind the ASA in question which have the same subnet IPs.

I've enabled:

icmp permit any echo-reply inside

icmp permit any echo-reply outside

and I've even enabled:

management-access inside

but still no luck...

I'd appreciate it if anyone had any insight of what's happening here and shared it with me.


Community Member

Re: Ping Remote ASA's Internal Interface Through VPN

Ok - I think I got it right.

I enabled:

icmp permit any inside

and it started working... hmm. Looks like it needs something more than echo-reply to reply to pings?


CreatePlease to create content