05-16-2012 07:38 AM - edited 03-11-2019 04:07 PM
HI, I have a question. First off all my design is My ISP is conected to router > Cisco ASA5520 > L3 Switch and to LAN.Every configuration is done at the Cisco ASA. Now my question is i have some public IPs. I have nated some of the public IPs and it is working fine. But I cant ping the nated public IPs from outside the network or from internet. I need the public IPs to be get pinged from the Internet. Before it was working and suddenly now the IPs are not get pinged.
Please give a solution.
05-16-2012 07:50 AM
Hi Tino,
The best I can suggest is, take captures on the ASA outside interface for the ping packets, checvk whether the packets are reaching the firewall or not. If no, contact your ISP.
Also check if you have icmp allowed on your ASA, check the ACL that you have applied on the outside interface, if its not there then you can add an icmp any any ACL on it.
Thanks,
Varun Rao
Security Team,
Cisco TAC
05-16-2012 07:59 AM
Hi thanks for the suggestion, I have checked the packets, they are reaching the firewall. I added a ACL ICMP any any and it is not working...
05-16-2012 08:24 AM
Hi Tino,
Apply the same captures on the inside interface as well to check if they are getting any replies back from the client..
this will help you:
https://supportforums.cisco.com/docs/DOC-17814
Thanks,
Varun Rao
Security Team,
Cisco TAC
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide