Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1577
Views
0
Helpful
5
Replies

cannot ping external servers like yahoo or sony

Go to solution
benedict dcunha
Level 1
Level 1

‎06-15-2011 11:11 AM - edited ‎03-11-2019 01:45 PM

dear All,

I have installed quite recently a cisco ASA 5520 replacing a linux based firewall

I have only 2 zones ..

one is internal netowrk and other external

the internal network has web servers, dns and mail server all having public IPs

Every thing is OK but i have seen that if I try to ping an external server for example www.yahoo.com

i cannot ping says

------

[sylvan@kmdns1 ~]$ ping www.yahoo.com

PING eu-fp.wa1.b.yahoo.com (87.248.112.181) 56(84) bytes of data.

--- eu-fp.wa1.b.yahoo.com ping statistics ---

6 packets transmitted, 0 received, 100% packet loss, time 5010ms

----------

but I can ping  from systems which are outside my firewall perfectly

with the linux firewall i had before i could ping perfectly to yahoo from any of my internal servers

apprecite your advice and help

regards

simon

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
manish arora
Level 6
Level 6
In response to benedict dcunha

‎06-15-2011 12:12 PM

Did you try fixup protocol icmp ?

Please post your configuration is that doesn't work.

Manish

View solution in original post

0 Helpful
5 Replies 5

Go to solution
manish arora
Level 6
Level 6

‎06-15-2011 11:15 AM

Try :-

asa(config)# fixup protocol icmp

Manish

0 Helpful

Go to solution
varrao
Level 10
Level 10

‎06-15-2011 11:16 AM

Hi Benedict,

A littlt bit insight into your configuration would be helpful, if you can share (edit it as required).Otherwise difficult to guess, try pinging 4.2.2.2 and instead of the url, try the ip of yahoo (72.30.2.43) and verify if it is a dns issue. Are you able to access internet?????

Thanks,

Varun

Thanks,
Varun Rao
0 Helpful

Go to solution
benedict dcunha
Level 1
Level 1
In response to varrao

‎06-15-2011 12:01 PM

Dear Guys,

really apprecite and thanks guys for the ultra fast reply...

by the way just forgot to metion

if I telnet from one of my internal server to the firewall and do

KMUN-ASA# ping www.sony.com

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 72.52.6.10, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 190/200/210 ms

it works fine

but from my dns server  or my mail server i see

---------------

sylvan@kmdns2 ~]$ ping www.yahoo.com

PING eu-fp.wa1.b.yahoo.com (87.248.112.181) 56(84) bytes of data.

--- eu-fp.wa1.b.yahoo.com ping statistics ---

20 packets transmitted, 0 received, 100% packet loss, time 19009ms

[sylvan@kmdns2 ~]$ ping 87.248.112.181

PING 87.248.112.181 (87.248.112.181) 56(84) bytes of data.

--- 87.248.112.181 ping statistics ---

4 packets transmitted, 0 received, 100% packet loss, time 3006ms

-----------

By the way all service are working fine

apprecite your help..

regards

simon

0 Helpful

Go to solution
manish arora
Level 6
Level 6
In response to benedict dcunha

‎06-15-2011 12:12 PM

Did you try fixup protocol icmp ?

Please post your configuration is that doesn't work.

Manish

0 Helpful

Go to solution
benedict dcunha
Level 1
Level 1
In response to manish arora

‎06-16-2011 08:58 AM

dear Mani,

First let me apolozije for not reply you early since I got stuck with some personal work.

I tried the fixup protocol icmp and woww it worked like a charm.

thnks once again and really apprecite

may god bless u

regards

simon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card