08-14-2017 01:12 PM - edited 03-08-2019 11:44 AM
This is my first time configuring a virtualized ASA (9.8.1) in GNS3 for use in CCNAS class. The configuration is as follows:
ASAv g0/0 - 10.10.10.2 > HUB > Loopback 10.10.10.1 (Local PC)
I'm trying to ping the Loopback address from the ASAv and vice versa. I know the loopback is in working order because I was able to ping it from a virtualized C7200 router.
I'd like to know the configurations in order to get the ASA ping and be ping-able
Hub is used instead of switch because GNS3 ethernet switch is buggy
Solved! Go to Solution.
08-15-2017 12:52 AM
Thanks for the speedily reply. The Cloud in the topology represents the loopback address.
10.10.10.1 is the Loopback interface's configuration on the Windows side of the topology. I've used a router in place of the ASA prior to testing it with an ASA and it was reachable from both directions.
08-14-2017 03:50 PM
Hello
I am assuming from you topology that the lan address is 10.10.10.1 and the loopback is another address?
Please try the below example:
interface GigabitEthernet0
nameif Inside
security-level 100
ip address 10.10.10.2 255.255.255.0
object network LAN1
subnet 10.10.10.0.255.255.255.0
object network LAN2
subnet (loopback address) 255.255.255.255
object-group network ICMP-ECHO
network-object object LAN1
network-object object LAN2
access-list 100 extended permit icmp any object-group ICMP-ECHO echo-reply
route Inside (loopback address) 255.255.255.255 10.10.10.1
res
paul
08-15-2017 12:52 AM
Thanks for the speedily reply. The Cloud in the topology represents the loopback address.
10.10.10.1 is the Loopback interface's configuration on the Windows side of the topology. I've used a router in place of the ASA prior to testing it with an ASA and it was reachable from both directions.
08-15-2017 01:16 AM
[UPDATE]
After using the configurations mentioned above with the necessary adjustments pinging to and from the ASA was unsuccessful
Once again I'd like to clarify that my Windows-side firewall is allowing ICMPs both to and from itself (host) this is a matter of the ASA requiring necessary configurations to allow ICMP both out and in from within the local network.
Both networks Windows-side and in the virtualized environment are within the same subnet.
Thanks in advance
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: