09-29-2020 07:38 AM
I have multiple interfaces on the firewall. When I am connected to one interface of the firewall I can ping that interface, but I can't ping the other interfaces of the same firewall, even though I am able to ping the machines on the other interfaces. Can you please help me understand why I can't ping the other interfaces of the firewall? If I can access the networks of those interfaces, why can't I ping the interface, and what should I do to ping those interfaces or access the firewall through those interfaces? I already configured the management interface and management access. It works if I am on the same network and access the same interface, but why can't I access the other interfaces? How can I access the firewall from other interfaces?
09-29-2020 07:50 AM - edited 09-29-2020 08:04 AM
The FTD or ASA only responds to ICMP traffic sent to the interface that traffic comes in on; you cannot send ICMP traffic through an interface to a far interface.
If you are connected to the inside interface, then you cannot ping through the FTD to the outside interface and expect a reply; this is by design.
HTH
09-30-2020 05:59 AM
So how can I access the firewall from a different VLAN?
09-30-2020 07:02 AM
For example, the user is coming in over VPN from the outside interface and wants to access the firewall with its local IP. It's an accessible network and all the devices are pingable, but the user can't access the firewall with that IP.
09-30-2020 07:29 AM
I attached the scenario here. The user connected to FW2 wants to access FW1 on the IP 192.168.33.1.
The PC attached to FW1 with IP 192.168.33.2 is able to access 192.168.33.1.
The PC connected to FW2 can ping 192.168.33.2 but can't access 192.168.33.1. I already configured it for management, but it's still not allowing access.
The PC connected to FW2 can ping all the networks.
The PC with IP 192.168.33.2 can also ping all the devices.
Can you please help me with how to access FW1 from the PC connected to FW2 on IP 192.168.33.1?
09-30-2020 07:39 AM
You didn't mention it's a VPN in the first post, but as it's a VPN you can configure the command "management-access <interface name>" and manage the FTD/ASA over a VPN tunnel using icmp, ssh or http.
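The `management-access` approach from the reply above, written out as an added ASA CLI sketch that is not part of the original thread. The interface names `inside` and `outside`, the object names and the 10.20.30.0/24 network behind FW2 are assumptions; 192.168.33.0/24 is the FW1 network from the thread.

```text
! Constructed addressing: 192.168.33.0/24 is FW1's local network (from the thread);
! 10.20.30.0/24 is a placeholder for the network behind FW2.
object network FW1-INSIDE-NET
 subnet 192.168.33.0 255.255.255.0
object network FW2-REMOTE-NET
 subnet 10.20.30.0 255.255.255.0
!
! Allow traffic arriving through the VPN tunnel to reach the inside
! interface address (192.168.33.1) for management.
management-access inside
!
! management-access does not open any protocol by itself: ICMP, SSH and
! HTTPS each need an allow entry for the remote source on that interface.
icmp permit 10.20.30.0 255.255.255.0 inside
ssh 10.20.30.0 255.255.255.0 inside
http server enable
http 10.20.30.0 255.255.255.0 inside
!
! If identity NAT exempts the VPN traffic, it needs route-lookup so that
! packets addressed to the inside interface are not forwarded past it.
nat (inside,outside) source static FW1-INSIDE-NET FW1-INSIDE-NET destination static FW2-REMOTE-NET FW2-REMOTE-NET no-proxy-arp route-lookup
```

Keep the `ssh` and `http` source ranges as narrow as the management hosts require, since every address they match can reach the firewall's login prompt through the tunnel.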
09-30-2020 08:40 AM
I am using FDM, so this command is not working.
09-30-2020 08:48 AM
Use FlexConfig
09-30-2020 11:00 PM
The user on FW2 still can't access the firewall. What else should I do?
10-07-2020 01:05 AM
I used FlexConfig and used the command, but it's not showing in the running-config and it's also not working.
10-07-2020 04:34 AM
I configured the FlexConfig and now the interface is pingable, but I still can't access it. I already configured the management access interface for any any, but it still doesn't allow me to SSH or HTTPS. Kindly suggest something.