We help IT Professionals succeed at work.

Easy VPN question

Medium Priority
293 Views
Last Modified: 2013-11-29
If I am trying to connect via VPN.
From my home computer I should be able the ping the public IP address of my office right?
Comment
Watch Question

Commented:
Depends on the router / firewall configuration. If ICMP Echo is enabled, you should, else it will request timeout. VPN does not require to have ICMP Echo enabled in order to work.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts

Commented:
Just to add to vaveedb,
Most firewalls will have access to "ping" returned packets turned off.  This is to stop icmp attacks (consuming firewalls processing to force them to slow down and fail).

If you would like to enable this on your Office firewall (PIX 501) I believe...you have to issue these commands.
(config)#icmp permit any any (applied to an interface for all icmp)
(config)#icmp permit any outside (this is all the traffic on the interface allowing icmp messages.)

To restict only return packets when ping from home.
(config)#access-list outside->in permit icmp any host xxxxxxxxxxxxxx echo-reply
add this traffic to your access-list for traffic  coming in...

If you are using the Cisco client.....turn on the log and see what is happening.  This can be verbose if you want....
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.