Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1429
Views
30
Helpful
2
Replies

Enable ICMP (Ping) Over Site to Site VPN (ASA5510 to FP ASA1010

Amoret
Level 1
Level 1

‎02-28-2022 12:32 PM

I have a Site to Site VPN setup from an ASA 5510 (ASA Code) to an ASA 1010 (Without FMC); we are using the FDM GUI to manage this. The Site to Site VPN is working fine, but we cannot ping from behind the ASA5510 to the inside interface of the ASA 1010. Does anyone know how to enable ICMP to the inside interface over the Site to Site VPN?

 

ASA5510 192.168.26.1 

ASA1010 10.0.64.1 

 

From behind the ASA5510 we can not ping 10.0.64.1 but we can ping other devices on the 10.0.64.X network. 

From behind the ASA1010 we can ping anything on the 192.168.24.0/22 network. 

2 Replies 2

Rob Ingram
VIP
VIP

‎02-28-2022 12:52 PM

@Amoret on the ASA previously you had to enable the command "management-access <inside interface name>" to ping/ssh/http over a VPN tunnel - that command doesn't exist on the FTD/FDM natively, but you could try deploying via FlexConfig.

Amoret
Level 1
Level 1
In response to Rob Ingram

‎02-28-2022 01:01 PM

I created a FlexConfig Template - "management-access inside" and Negate Template "no management-access inside" and now I can ping the inside interface, that's 50% of what I am trying to do but I can not access the FDM GUI over the Site-To-Site VPN? 

 

 

 

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card