09-13-2010 03:32 AM
hi all , we have a scenario that a pix is installed in a remote site and has a vpn connection with the HQ (ASA 8) , the vpn is up but the I can't ping the LAN from eithwr both sites , but also I can do remote desktop from both sites ?!! can anyone help please .
09-13-2010 04:03 AM
Hi,
Check whether ICMP is allowed in your Crypto ACL on both sides.
Also check if icmp inspection is enabled.
policy-map global_policy
class inspection_default
inspect icmp
09-13-2010 05:10 AM
first to be clear the HQ has more than one remote site and all are working except the newly configured remote site, on the pix I put the command (fixup protocol icmp error) and still nothing ?! it does not take the commands you mentioned before because its version is 6.3(4) and the ACL regarding the VPN is permit ip => everything is open for now, so do you have something in mind upon this reply ?
09-13-2010 04:04 AM
Hi,
Check whether ICMP is allowed in your Crypto ACL on both sides.
Also check if icmp inspection is enabled.
policy-map global_policy
class inspection_default
inspect icmp
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: