Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
485
Views
5
Helpful
1
Replies

Enable ICMP to ping INSIDE to INSIDE interface

Rahul Kapadia
Level 1
Level 1

‎12-19-2021 10:43 AM

Hello experts,

 

I have an issue with ping in my LAN network, I am unable to ping my LAN network from firewall to system and system to system

 

access-list VLAN100_IN extended permit tcp any any eq www
access-list VLAN100_IN extended permit tcp any any eq https
access-list VLAN100_IN extended permit udp any any eq domain
access-list VLAN100_IN extended permit udp any any eq ntp
access-list VLAN100_IN extended permit icmp any any echo-reply
access-list VLAN100_IN extended permit icmp any any
access-list VLAN100_IN extended permit icmp any any time-exceeded
access-list VLAN100_IN extended permit icmp any any timestamp-reply
access-list VLAN100_IN extended permit icmp any any unreachable

 

 

policy-map global_policy
class inspection_default
inspect ftp
inspect h323 h225
inspect h323 ras
inspect rsh
inspect rtsp
inspect esmtp
inspect sqlnet
inspect skinny
inspect sunrpc
inspect xdmcp
inspect sip
inspect NetBIOS
inspect tftp
inspect icmp
inspect icmp error

1 Reply 1

Rob Ingram
VIP
VIP

‎12-19-2021 10:59 AM

@Rahul Kapadia When you say system to system, is this traffic within the same VLAN? If so this traffic would never be sent to the ASA.

Can you provide the full configuration of the ASA and the switch? And indicate what you've pinged and from where.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card