Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Ping through VPN to inside

I have ASA 5220 configured to allow IT persons to have full access into our network using a VPN. There are a few problems, I do not know how to allow icmp and tracert traffic to travers. The gui is a mess and this is my first time using ASA CLI. Please help with suggestions or links as I am sure other persons need this type of access.

To be brief, I have modified the internal group policy ACL manager for that IT group. I have added any to any but still no go, it does open up everthing else. I assume there must be a NAT rule to add?

Thanks for any help.

1 REPLY
Silver

Re: Ping through VPN to inside

Disable ICMP and ICMP error inspection in the policy-map class configuration with the no inspect icmp and no inspect icmp.This should work for ICMP.Refer URL for more information

http://cisco.com/en/US/products/ps6120/products_upgrade_guides_chapter09186a0080609cba.html

86
Views
5
Helpful
1
Replies
CreatePlease login to create content