[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 212
  • Last Modified:

The ping is successful at ASA ?

Dear All

Here is a question. Can you give your answer to it ?

Topology:
e1-ASA-e0--------------e0/1-Router

Config:
ASA:
interface e0
ip address 12.1.1.1 255.255.255.0
outside
interface e1
ip address 10.1.1.1 255.255.255.0
inside

Router
interface e0/1
ip address 12.1.1.2 255.255.255.0
ip route 0.0.0.0 0.0.0.0 12.1.1.1

The question is, at ASA, command "ping inside 12.1.1.2" is succcessful? why ?
0
EESky
Asked:
EESky
  • 2
  • 2
2 Solutions
 
Pete LongTechnical ConsultantCommented:
Why would you want to ping the outside IP from the inside?

This is completely normal :)

screen grab
0
 
EESkyAuthor Commented:
Thank you for your fast reply. The reason that i asked the question is that i am trying to setup vpn asa to asa. I did not attach PC to the inside of ASA. In order to initiate the vpn connection without attached PC, I want to use the command to replace ping from the PC. But the command ping inside x.x.x.x did not work at my ASA. I do not know why. that is why i want to know how the command works.
0
 
Pete LongTechnical ConsultantCommented:
OK I see, first before you do anything make sure you have a default inspection map, and that map inspects ICMP like this;
Cisco Firewalls and PING

OK asuming you have that in place, if the lan on network A is 192.168.1.0/24 (and the firewall internal interface is 192.168.1.1). And NEtwork B is 192.168.2.0/24 (firewall inside interface is 192.168.2.1).

From the Firewall at Site A if you issue;

ping inside 192.168.2.1

(Assuming the tunnel is up and estalished) - the ping will fail - UNLESS both firewalls have the following command in their config;

management-access inside
0
 
EESkyAuthor Commented:
Yes, you are right. the ping in this situation should not be successful
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now