Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Can't ping a device over the VPN


On one of our sites we have a vlan dedicated to third party equipment and devices. We have just had a new device installed.

I can ping this device when on the network, but I get no response when I try to ping it from over a vpn connection. I can ping other devices on that network, just not this one.

And it's got me stumped. The company have stated there's nothing in the config of the device that would prevent this.

Any ideas?


Re: Can't ping a device over the VPN


Is that device that you're trying to PING part of the interesting traffic (VPN traffic)?

That device has the same default gateway as the other devices that you can PING?

Are there any filters for VPN traffic that might be preventing communication with that device?


New Member

Re: Can't ping a device over the VPN

Thanks Federico,

Yes it's part of interesting traffic.

Yes it has the same gateway as other pingable devices.

No there are no filters.

I've double-checked the settings on the device and it's just simple address, mask and gateway settings.

Still can't ping it. I can ping it from the firewall itself, just not when on the vpn.

Still baffled

Re: Can't ping a device over the VPN

Post your nat configs (sanitize if necessary).  When dealing with access issues over VPN, NAT is usually the best place to start if you can connect successfully.

Cisco Employee

Re: Can't ping a device over the VPN

Most of the time when I see this, the issue is that the new device doesn't have a default route set, or its default route points to a router that does not have a route to the VPN.

That is, your packets get to it just fine, but its replies are either never sent, or sent to the wrong place.  Look at the routing table of the un-answering device, or trt a traceroute from that device to the VPN.

Another common problem is that the device has the subnet mask set incorrectly and is ARPing when it should be using its route table or vice-versa.