09-30-2009 05:58 PM - edited 03-11-2019 09:21 AM
Hi all,
I cannot ping my default gateway, and my default gateway connot ping me.
I've got a ASA 5520 with a 8.0.4 OS version.
I've configured the ACL on the interface with the
access-list int1-in extended permit icmp any any
and also added the command.
icmp permit any int1
There is no ACL on my default gateway (Cisco 6500 IOS). And my interface has a security level of 90 without any managgement configuration.
If you've got any ideas of what I can check it we very sweet !
Thanks
09-30-2009 07:06 PM
Can you show :
1) Interface config
2) Ping from your PC
3) "arp -a" from your PC. If ICMP is block , firewall will still respond to ARP.
09-30-2009 08:15 PM
Please make sure that you have following commands at the top. There should be no icmp deny echo/echo-reply above the permit statements.
icmp permit any echo-reply outside
icmp permit any echo outside
09-30-2009 08:58 PM
asa(config)# policy-map global_policy
asa(config-pmap)# class inspection_default
asa(config-pmap-c)# inspect icmp
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide