Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1265
Views
5
Helpful
2
Replies

can not ping from inside switch to outside switch in GNS3 though packet tracer allow in both direction

Go to solution
martlee2
Cisco Employee
Cisco Employee

‎02-18-2015 03:08 PM - last edited on ‎03-25-2019 05:54 PM by Community Manager

i permit all and packet tracer succeed to allow all, still can not ping, why?

can not ping from inside switch to outside switch in GNS3 though packet tracer allow in both direction

https://community.gns3.com/message/20175#20175

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎02-19-2015 12:11 AM

Hi,

 

If you are using L3 switches then confirm that they have the proper routing information to reach the other switch.

 

If you are using L2 switches then for them to reach a remote subnet you would need the "ip default-gateway" command. This will let the switch forward traffic to other subnets from its Vlan interface.

 

I only quickly glanced the output on the other thread. It should really be cleaned up so thats easier to read. But I would imagine that you have a routing problem.

 

Notice that for the purpose of reaching subnets on each side of the firewall you dont really need any NAT configurations on the ASA. If there is no NAT the traffic will simply go through with their original IP addresses. If you need Dynamic PAT for some purpose then make sure you have a NAT0/Identity NAT configuration between the subnets which you need to connect to eachother with their original IP addresses.

 

Hope this helps :)

 

- Jouni

View solution in original post

2 Replies 2

Go to solution
Jouni Forss
VIP Alumni
VIP Alumni

‎02-19-2015 12:11 AM

Hi,

 

If you are using L3 switches then confirm that they have the proper routing information to reach the other switch.

 

If you are using L2 switches then for them to reach a remote subnet you would need the "ip default-gateway" command. This will let the switch forward traffic to other subnets from its Vlan interface.

 

I only quickly glanced the output on the other thread. It should really be cleaned up so thats easier to read. But I would imagine that you have a routing problem.

 

Notice that for the purpose of reaching subnets on each side of the firewall you dont really need any NAT configurations on the ASA. If there is no NAT the traffic will simply go through with their original IP addresses. If you need Dynamic PAT for some purpose then make sure you have a NAT0/Identity NAT configuration between the subnets which you need to connect to eachother with their original IP addresses.

 

Hope this helps :)

 

- Jouni

Go to solution
martlee2
Cisco Employee
Cisco Employee
In response to Jouni Forss

‎02-19-2015 09:55 AM

i succeed by adding static route in outside and inside router

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card