cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to Cisco Firewalls Community


220
Views
0
Helpful
4
Replies
Highlighted
Beginner

ASA (from LAN network to ASA outside interface ping )

ASA insideOutside.jpg

R1

int G0/0  IP Add 192.168.1.1/24

ASA

Int G0/1 IP Add 192.168.1.10/24

Int G0/0 IP Add 210.19.10.10/24

R2

Int G0/0 IP Add 210.19.10.1/24

___________________________________________

If i ping fro R1 int g0/0 to  ASA g0/1 its working

R1# ping 192.168.1.10

!!!!!

*but i cant ping  from R1 int G0/0 to  ASA int G0/0

R1# ping 210.19.10.10 ??????????????????

*  please tell me reason ?

4 REPLIES 4
Advisor

ASA (from LAN network to ASA outside interface ping )

It's a security feature of the ASA.

Beginner

ASA (from LAN network to ASA outside interface ping )

Hi Lalit,

It's right it's the security feature of ASA in which user at one end is not able to ping far end interface of the ASA, you could ping across the ASA but not the ip of ASA's far end interface.

- Prateek Verma

Beginner

ASA (from LAN network to ASA outside interface ping )

Thanks Prateek

  i want know according  to packet flow of firewall, when  we ping that interface  where this packet is drop.

Beginner

ASA (from LAN network to ASA outside interface ping )

Hi Lalit,

It's the default security feature of ASA due to which it is not allowed to ping far end interface ip of ASA. If you will try to run packet-tracer on ASA , you will see everything is allowed but it would get dropped in slow path secuirty check failed ( that's due to the default security feature of ASA).

- Prateek Verma

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here