Ping interface gateway

vgulinolite · ‎06-28-2013

Hello,

I have an ASA5505 with the Security Plus License, I have 3 vlans, 1 external, and two internal. When I try try to ping the gateway of the oposing internal vlans gway I get the following error "

6

Jun 28 2013

13:33:44

110002

source_ip

1

Failed to locate egress interface for ICMP from private_lan:source_ip 3/1 to dest_vlan_gw/0

I can ping the source vlan gw & all hosts. I can ping all hosts on the oposing vlan. I cannot ping the oposing vlan gw.

I have turnon on icmp inspection.

Thanks!
"

Jouni Forss · ‎06-28-2013

Hi,

This is by design.

You wont be able to ping an interface IP address that is a remote interface for the source LAN.

So lets you have the following interface

interface Vlan10

nameif LAN

security-level 100

ip add 10.10.10.1 255.255.255.0

interface Vlan20

nameif DMZ

security-level 50

ip add 10.10.20.1 255.255.255.0

Hosts behind the interface "LAN" will be able to PING that interface IP address and the hosts behind the interface "DMZ" will be able to PING that interfaces IP address.

However hosts behind "LAN" wont be able to PING the "DMZ" interface IP address nor will the hosts behind "DMZ" be able to PING the interface IP address of "LAN".

Hope this clarifies things

Please do remember to mark the reply as the correct answer if it answered your question.

- Jouni

Ping interface gateway

nexus 对接 ACI 模拟 EP，EP 无法 ping 通 BD subnet gateway

Cant ping sub interface gateway

vpc peer-gateway

【VPC Feature】Peer-Gateway

Interface 監視用 OID について