Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN client 4.0 can't ping PIX inside interface ip address

I have PIX 515, and set up IPSec vpn for user with VPN software client 4.0 to access the corp network, I get user tunnel up, user get a ip address from 515 define pool, but I could not ping PIX inside IP address from this remote VPN client PC, Is this feature or mis configuration? Thanx

1 REPLY
Cisco Employee

Re: VPN client 4.0 can't ping PIX inside interface ip address

It's a "feature", you can't ping a PIX interface IP address from another interface, that includes pinging the inside interface when you come in via a VPN from the outside interface.

To test connectivity you have to ping something inside the PIX, not the PIX itself. Make sure your internal network has a route to the VPn pool of addresses that points to the PIX.

Actually my first paragraph is normally the truth, but in 6.3 they added a command called "management-access" that will allow you to ping the inside address from the outside (and telnet, ssh, snmp, etc also). See http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/mr.htm#1137951 for details.

242
Views
0
Helpful
1
Replies
CreatePlease to create content