Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
899
Views
0
Helpful
1
Replies

Unable to Ping Default Gateway on one ASA

pootboy69
Level 1
Level 1

‎04-01-2011 01:50 PM - edited ‎03-11-2019 01:15 PM

We have two ASA5510s, each with outside interfaces to the same two ISPs (different IP addresses within the same subnet, of course). Both ASAs allow ICMP on all (inside and outside) interfaces. One ASA's default route is to ISP-1 and the other is to ISP-2. We can ping the default gateways for both ISPs from only one ASA. From the other ASA, we can only ping the default gateway for the default route but not the other. The pings originate from an inside client, first configured with the default gateway for ASA-1, then for ASA-2. Why does this happen, how do I troubleshoot something like this and how do I fix it? Thanx!

Labels:
0 Helpful
1 Reply 1

Shrikant Sundaresh
Cisco Employee
Cisco Employee

‎04-01-2011 02:18 PM

Hi Wolf,

I think you might need to clear the ARP table on the switch and PC.

You can check if the ping request for the non-pingable ip is even reaching the ASA (current def g/w) by running captures on that interface, or running the "debug icmp trace 1" command ("un all" to stop).

If the ping request is not reaching the correct ASA, i would suggest checking ARP values.

Also, if you could elaborate a bit more on the topology, with ip subnets and all, it would give more insight into where the problem may lie.

-Shrikant

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card