In the company I work for we have two Cisco VPN 3000 Concentrators. They're running the same code level 3.6.7 and have the exact same configuration. I confirmed this by logging on to both boxes and checked every single option one by one. They're identical; however, I cannot ping one of them. I have also checked all my routing tables on the router, PIX firewall, etc. They are OK. Finally, I cannot even ping the "default gateway" from the Concentrator.
Do you have the ICMP In/Out rules in the Public filter, assuming you're trying to ping the public interface address? Check under Config - Policy Mgmt - Traffic Mgmt - Filters, select the Public filter and then Assign Rules to Filter.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...