cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
820
Views
0
Helpful
3
Replies

Two Cisco ASA 5500 VPN but only one pings

Carlos Gomez
Level 1
Level 1

Hi everyone!

I have an issue that I can't figure out. I have two cisco asa firewalls connected through a VPN, one is 5505 and the other is a 5510. From the 5505 I can ping the internal interface of the 5510, but not vice versa. Would that be a NAT issue? I used the ASDM to configure the VPN tunnels with the wizard for IPsec site to site.

Any suggestions?

Thank you

3 Replies 3

John Blakley
VIP Alumni
VIP Alumni

Make sure the management interface is configured for inside. Otherwise, it's going to be hard to say what the issue is without seeing the config.

HTH,
John

*** Please rate all useful posts ***

HTH, John *** Please rate all useful posts ***

shillings
Level 4
Level 4

Similar to John's post, is the 5510 configured with the management-access command, but the 5505 not? This is just a guess btw.

Ok, I will make sure on the 5505 that the manage interface is the inside interface. The 5510 is configured for other VPNs and it is working well. I made the VPN tunnel and it is connected, I added the NAT Exemtions on both firewalls, but like I said, can ping the inside interface of 5510 from a computer behind the 5505, but I can't ping back from the 5510 or any computer behind it. I will post the config for the 5505 later on. Thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco