05-15-2014 08:54 PM
My easy vpn client can build up the vpn tunnel with my office ASA5510 successful and my vpn client can ping the internal server. But my internal server cannot ping the remote vpn client. Even the vpn client windows firewall was disable.
1. Internal server can ping the Internet through ASA.
2. Internal server cannot ping vpn client.
3. Vpn client can ping the Internal server.
Why interal server cannot ping vpn client ? Does ASA only support vpn in one way direction ?
Thanks.
Solved! Go to Solution.
05-15-2014 10:59 PM
Hi
Enable inspect ICMP , it should work for you .
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect icmp
inspect icmp error
To configure the ICMP inspection engine, use the inspect icmp command in class configuration mode. Class configuration mode is accessible from policy map configuration mode.
inspect icmp
HTH
Sandy
05-15-2014 10:59 PM
Hi
Enable inspect ICMP , it should work for you .
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect icmp
inspect icmp error
To configure the ICMP inspection engine, use the inspect icmp command in class configuration mode. Class configuration mode is accessible from policy map configuration mode.
inspect icmp
HTH
Sandy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide