Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

asa5510 block ping

Status
Not open for further replies.
charliemao

charliemao

IS-IT--Management
Aug 9, 2008
12
CN
my question is I use cisco asa5510 as a firewall beteween inside lan and internet. I use NAT to make client go internet. it's find. but I can't ping outside address(internet address), because sometimes I need to ping outside address to test whether it can be reached. I also use icmp permit any inside/outside, but still don't work.
thanks for any help
 
Sort by date Sort by votes
post a scrubbed config (take out passwords and mask the middle 2 octets of public ips) and we'll have a look.

Brent
Systems Engineer / Consultant
CCNP, CCSP
 
Upvote 0 Downvote
I second that i cant get pings to go through, but i dont even have internet coming through yet...
 
Upvote 0 Downvote
Are you trying to ping the outside interface of the firewall? If so you are going to need to ICMP command.

netleets(config)# icmp permit host 192.168.1.10 outide

If you are trying to ping through the firewall, in some versions of code, Cisco does not include ICMP in the "IP" acls and require a separate acl entry specifically for ICMP.

If neither of the 2 above senerios are applicable, please paste a scrubbed version of your config.

IT Security news and information
In plain English
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

salanje87
  • Locked
  • Question
Block Broadcast storming.
Replies
3
Views
264
hairlessupportmonkey
hairlessupportmonkey
intel233
  • Locked
  • Question
ASA5510 - SSL Cert
Replies
0
Views
214
intel233
intel233
Garbear
  • Locked
  • Question
TZ190 VPN Connection works but can't ping some IP's on either side
Replies
0
Views
65
Garbear
Garbear
sabin808
  • Locked
  • Question
TZ205 | Unable to ping WAN IP from LOCAL ZONE
Replies
0
Views
60
sabin808
sabin808
Shad0wguy
  • Locked
  • Question
Unable to ping specific IP across interfaces, can ping on same interface
Replies
6
Views
226
Shad0wguy
Shad0wguy

Part and Inventory Search

Sponsor

Back
Top