cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1405
Views
0
Helpful
4
Replies

asa - enable inside ICMP?

Maurizio Caloro
Level 1
Level 1


Hello

try to enable icmp on asa in little gns3 project.
on this time it's inpossible to ping from any inside adress to
any adress, yes GW are added.

 

this setup are new and clean. please how i can debug this?

thanks for any possible help.

 

Running Setup:

BVI1 192.168.0.1/24
Connected - ASA port inside_3 any little Linux - ip 192.168.0.2/24
Connected - ASA port inside_6 any little Linux - ip 192.168.0.22/24
!
policy-map global_policy
class inspection_default
inspect icmp
!
icmp unreachable rate-limit 1 burst-size 1
icmp permit 192.168.0.0 255.255.255.0 INSIDE_3
icmp permit 192.168.0.0 255.255.255.0 INSIDE_6
icmp permit 192.168.0.0 255.255.255.0 INSIDE
!

route INSIDE 0.0.0.0 0.0.0.0 192.168.0.0

!
access-list 100 extended permit icmp any any
!

1 Accepted Solution

Accepted Solutions

balaji.bandi
Hall of Fame
Hall of Fame

Is this ASA deployed in bridge mode ?

 

from Device are you able to ping ASA ?

 

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

4 Replies 4

Allow icmp reply in both acl of inside 3 and inside 6.

 

balaji.bandi
Hall of Fame
Hall of Fame

Is this ASA deployed in bridge mode ?

 

from Device are you able to ping ASA ?

 

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Maurizio Caloro
Level 1
Level 1

thanks balaji Bandi

 

after adding bridge-group 1 to gi0/3+gi0/6 it's possible to ping from any to any inside address

i need to read now what exactly do bridge group. Nice meny thanks

you can find good blog here :

 

https://www.petenetlive.com/KB/Article/0001422

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Review Cisco Networking for a $25 gift card