Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
355
Views
10
Helpful
2
Replies

I am stumped

keithcclark71
Level 3
Level 3

‎07-06-2022 03:09 PM

I am stumped why is it I can ping from a host in Site A connected to FTD inside interface  to a host in Site B ASA inside interface over S2S tunnel but I cannot ping from either side from the  FTD or ASA.  The FTD IP addresses for management and inside are on same subnet along with the host that I can ping from. This makes no sense

0 Helpful
2 Replies 2

Kasun Bandara
VIP
VIP

‎07-06-2022 08:35 PM

try configuring

management-access <interface-name>

to inside interface

Please rate this and mark as solution/answer, if this resolved your issue
Good luck
KB
0 Helpful

Rob Ingram
VIP
VIP

‎07-06-2022 11:40 PM

@keithcclark71 that's by design on both the ASA and FTD. The ASA/FTD only responds to ICMP traffic sent to the interface that traffic comes in on; you cannot send ICMP traffic through an interface to a far interface. Reference here.

 

The only exception is over a VPN, in which case you need to configure the mangement-access command already provided. You cannot configure this natively on the FTD, you have to use FlexConfig to apply the same command.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card