Ping FTD outside interface from inside

ajtm
Level 1

Even when all traffic is allowed I've noticed that I can't ping FTD interfaces except the "nearest" interface (traffic doesn't cross FTD).

Is it possible to allow this traffic?

 

 

Accepted Solutions

Francesco Molino
VIP Alumni
Hi

You can only ping the interface from where the traffic comes in.
See the documentation: https://www.cisco.com/c/en/us/td/docs/security/firepower/640/configuration/guide/fpmc-config-guide-v64/platform_settings_for_firepower_threat_defense.html#task_42BBA666CD604517ADA18B32CA162F62
"The Firepower Threat Defense device only responds to ICMP traffic sent to the interface that traffic comes in on; you cannot send ICMP traffic through an interface to a far interface."

Thanks
Francesco
PS: Please don't forget to rate and select as validated answer if this answered your question
