Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

switch to firewall cannot ping


I havijng problems with cisco asa 5520. here is the setup. The asa has an inside, outside and dmz interface (dmz has sub interface and trunked to a dmz swtch- cisco 3750 - layer 2 only ) connected to the dmz firewall. the dmz has a mgmt address of the dmz switch has two wireless controllers. one of them have a mgmt address of and DG of on the cisco asa. the other one has has a mgmt add of with a DG of on the cisco asa.  now i can get to wlc 1 (  from the asa ( and vice versa without any problems. but access to asa ( from is intermittetnt and the other way around is fine. so i created a subinterface on the dmz swtch with however i cant ping from the l2 switch (dmz switch) even with a source of (this is directly connected to the firewall with trunk and subinterface)

ip default gateway of the switch is


ping from is intermittent

ping from - cannot ping (sometimes intermittent)


ping from is fine

ping from is fine

i can see the counters on the asa subinterface increase (allowed icmp on the whole dmz interface)

any ideas on this ?

OUTSIDE ----------------ASA-------------------INSIDE



                                 | (

                                 | (

                                 | (


           WLC1 ------L2 Switch ( mgmt address

     (       |    (

                                 |    (



                               WLC 2 (