ASA 5510 issue while pinging PC at inside interface

CSCO11508096 · ‎01-31-2012

Hi,

I have configured ASA, having one outside interface (security level 0), one Inside Interface ( security Level 100).

Access list created: At outside from source any destination any services ip and icmp are permit.

At Inside from source any destination any services ip and icmp are permit.

Test done:

1) From outside interface I am able to ping ASA outside interface.

2) From the same outside machine not able to ping the inside interface as well as the machine connected at the inside interface.

3) From ASA machine connected at the inside interface is pingable.

I want to access machine connected at the inside interface from outside machine.

thanks

Shashi

ajay chauhan · ‎01-31-2012

can you turn on icmp inspection and allow icmp on outside interface ? then try .

integreon · ‎01-31-2012

Did you NAT your inside PC?

Sent from Cisco Technical Support iPad App

CSCO11508096 · ‎01-31-2012

Hi,

After Natting the PC I am able to ping it.

Actully we have a remote office where we need to install few servers. For sectuing thoes servers we are using ASA.

Scenario: WAN link is terminated on ASA outside interface.

At the LAN interface of ASA a switch is connected. All the servers are connected on the Switch.

Requirement: My requirement is to access/manage all the server by sitting at the remote location(from outside interface of ASA).

Is it possibe to access without Natting or by only creating access rule on ASA.

Thanks

Shashi

Julio Carvajal · ‎01-31-2012

Hello Shashi,

You will need to build a VPN tunnel in order to be able to access those servers by their private ip address.

I mean if you want to access them trough a public zone like the INTERNET that is what you will need to do.

Regards,

Julio

Rate helpful posts

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC