Guys - In those configuration examples, we are basically monitoring a destination in the Public Internet and using the outside interface to source it.
What if we want to monitor a destination which is reachable through a Site to Site VPN? I have configured it by using the inside interface to source it, but unfortunately this is not working. Below my config:
sla monitor 20
type echo protocol ipIcmpEcho 192.168.72.254 interface inside
frequency 5
sla monitor schedule 20 life forever start-time now
Unfortuntately, I'm getting timeouts as if traffic is not making it:
Entry number: 20
Modification time: 11:07:03.109 EST Thu Dec 19 2019
Number of Octets Used by this Entry: 2056
Number of operations attempted: 8031
Number of operations skipped: 8029
Current seconds left in Life: Forever
Operational state of entry: Active
Last time this entry was reset: Never
Connection loss occurred: FALSE
Timeout occurred: TRUE
Over thresholds occurred: FALSE
Latest RTT (milliseconds): NoConnection/Busy/Timeout
Latest operation start time: 09:25:08.110 EST Fri Dec 20 2019
Latest operation return code: Timeout
RTT Values:
RTTAvg: 0 RTTMin: 0 RTTMax: 0
NumOfRTT: 0 RTTSum: 0 RTTSum2: 0
However, if I manually source the ping it works fine:
ASA# ping inside 192.168.72.254
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.72.254, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/8/10 ms
Kind Regards,
