Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
305
Views
0
Helpful
1
Replies

Any way to bring up a tunnel from within the router/firewall?

thomasdzubin
Level 1
Level 1

‎09-14-2007 07:14 AM - edited ‎03-09-2019 06:49 PM

I've set up a number of site-to-site IPSEC tunnels, but the one thing that I can't seem to get is: Is there any way to bring the tunnel up if I am not actually at one of the endpoints?

...usually I can just tell one of the people at either end to do a PING or something so that the "interesting traffic" access-list gets a hit and brings up the tunnel, but if it's midnight and I'm SSH-ed into a firewall from home and I want to bring up the tunnel to see that it's working, can I do it using any commands on the router/firewall... my understanding is that traffic sourced from the router/firewall won't hit any access lists, so I can't bring up the tunnel with a simple PING. (or is my understanding wrong?)

Any ideas or "tricks" that people use to accomplish this?

Thomas Dzubin

Labels:
0 Helpful
1 Reply 1

mfreijser
Level 1
Level 1

‎09-18-2007 05:53 AM

There are several ways to do this:

- Router:

You can use an extended ping from a router, but this is not possible for a Pix or ASA.

- Firewall:

You can use the 'Test' button in Monitoring section from the ASDM for a Pix/ASA with software version 7.x. There is no way (for as far as i know) to test this from a firewall running Pix software 6.x.

Please rate if the post is usefull!

Regards,

Michael

0 Helpful
Customers Also Viewed These Support Documents