• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1173
  • Last Modified:

Can't Ping Outside Cisco 3550

I have a Cisco 3550 running (C3550-IPBASEK9-M), Version 12.2(25)SEE3) and it is connected to a Cisco ASA 5505 on one uplink, and behind it i have a port channel to a cisco 2950. Now, from every device on the network i am able to ping anything on the Internet (all servers, workstations, ASA, and even the other switch behind the 3550). On the 3550 i can ping all devices internally, but nothing on the internet, it doesnt seem like it cant go outside to the Internet at all. Am i missing something? So far the network is running fine with no issues.
0
Cobra25
Asked:
Cobra25
  • 5
  • 4
  • 2
  • +1
1 Solution
 
FideliusCommented:
Hello,

What is default gateway on Cisco 3550?
Can you ping Cisco 3550 from ASA?
Do you have Cisco 3350 IP addres blocked on ASA by inside ACL?
Do you have  Security Plus license on ASA 5505?
How many interfaces are you using on ASA? Just outside and inside? Or also DMZ.

Regards!
0
 
Cobra25Author Commented:
Default gateway is the ASA.
Yes can ping 3550 from ASA.
Do not have it blocked by ACL inside.
No base licesnse.
Just inside and outside, super simple.
0
 
Istvan KalmarCommented:
Hi,

please show the configs
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
Cobra25Author Commented:
i think i figured out the issue, theres an issue with the NAT on the ASA. Will post back
0
 
Istvan KalmarCommented:
ok
0
 
Istvan KalmarCommented:
you able to view the problem on the ASA ASDM monitor function live
0
 
Cobra25Author Commented:
how so?
0
 
Istvan KalmarCommented:
here is that you need:)

http://www.cisco.com/en/US/docs/security/asdm/6_1/user/guide/mon_log.html

go to ASDM --> MONITORING --> LOGGING --> VIEW...
0
 
Feroz AhmedSenior Network EngineerCommented:
Hi,

you can configure ACL on firewall from inside to outside as below :

ASA(config-t)#Access-list 101 permit icmp any any ech-reply
ASA(Config-t)#policy-map global_policy
ASA(Config-t)#ICMP enable

and check you should be able to ping and connect to outside network.
0
 
Feroz AhmedSenior Network EngineerCommented:
ASA(Config)#Inspect ICMP
0
 
Cobra25Author Commented:
I resolved the issue. It was the NAT as i suspected.
0
 
Cobra25Author Commented:
Resolved issue on my own.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 5
  • 4
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now