Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

VPN anyconnect no Ping ip firewall

II have a management network 192.168.5.x and VPN network 192.168.25.x. I can ping a all my network elements except to firewall (ASA5510). The ASA has the IP 192.168.5.1. I think that the firewall has some restriction but I don't know. I have 8.2 software and anyconnenct 3.0 and work fine. If I am in the management network (192.168.5.7), I can ping to firewall. The restrict is with the VPN network.

Thanks,

Sent from Cisco Technical Support iPhone App

4 REPLIES
Super Bronze

VPN anyconnect no Ping ip firewall

Hi,

I gather you are trying to ping the ASA inside interface from a connected VPN Client?

To my understanding this is not possible.

You can't ping an interface IP address from behind some other interface on the ASA. In this case it would be a ICMP echo coming from outside to inside interface IP

To otherwise enable ICMP to ASA interface use the following command format

icmp permit/deny

- Jouni

New Member

Re: VPN anyconnect no Ping ip firewall

Thanks but didn't work.

Sent from Cisco Technical Support iPhone App

Super Bronze

VPN anyconnect no Ping ip firewall

Hey,

As I said you can't ping an ASA interface behind another interface.

So pinging from VPN Client host (which is behind outside) to inside interface IP (which is "behind" inside interface) isnt possible to my knowledge.

The command format I added is just to point out how you can allow ICMP when you are pinging the ASA interface IP behind that same interface.

- Jouni

VPN anyconnect no Ping ip firewall

Hi,

In order for you to ping the ASA itself coming over a VPN tunnel, you must use the "management access" command.

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/access_management.html#wp1064497

You can only have one management interface at the time.

Please let us know if it helps you.

335
Views
0
Helpful
4
Replies
CreatePlease to create content