ASA Not Respoding to Pings

[cisco222]

Hi Guys,

Hope you can point me in the right direction on this.

I'm on a network of 10.0.0.254 ( this is a cisco asa with IPSEC VPN ) and i'm trying to ping the local interface of the end point cisco ASA which is on 10.200.0.254. A server in the same subnet 10.200.0.24 can ping 10.20.0.254 OK. However when i try and ping oven the VPN it says request timed out. The VPN Tunnels are up and i can ping server behind the firewall like 10.200.0.24.

Where is the best place to start looking? would it be my access list or NAT Rules. Any kind of help of this would be great. hope it all makes sense.

Thanks

 

[njjimbo]

Try adding:
management-access inside
(assuming your 10.200.0.254 interface is named 'inside')

The ASA is not normally ping-able or manageable on the inside interface over a VPN tunnel without a management-access statement.

 

[cisco222]

thanks for the update.do i need to assign an IP to my management Interface currently i have the below. Please advise


interface GigabitEthernet0/0
nameif inside
security-level 100
ip address 10.200.0.254 255.255.255.0

interface Management0/0
nameif management
security-level 100
no ip address
management-only

 

[njjimbo]

You do not need to configure the Management0/0 interface in order to use the 'management-access inside' command.