Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
307
Views
0
Helpful
2
Replies

PIX vpn Question

harvey.dewan
Level 1
Level 1

‎08-18-2003 12:39 PM - edited ‎02-21-2020 12:43 PM

I have some VPN tunnels setup between a few PIX boxes, and everything works great with the following exception. I cannlt ping the inside interface on the other side of any PIX. I have enabled ICMP any,any for troubleshooting reasons but still no luck.

Labels:
0 Helpful
2 Replies 2

gfullage
Cisco Employee
Cisco Employee

‎08-18-2003 04:38 PM

Up until PIX 6.3 code you could not do this, nothing to do with your configuration or setup, you just can't ping a PIX interface from another interface. This is the same as you trying to ping the PIX outside interface from a machine on the inside interface of the same PIX (not over the VPN), you can't do it.

Starting in 6.3 code, we introduced a new command that'll allow you to ping, telnet, SSH, PDM to the inside interface of a PIX if you come in over a VPN tunnel. Just put the following in yor config (after upgrading if necessary):

> management-access inside

See http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/mr.htm#1137951 for details.

0 Helpful

matthewtan
Level 1
Level 1

‎08-18-2003 07:00 PM

Since you have allowed icmp in your ACL, i was thinking that it might be due to the following config which may be missing.

[no] icmp permit|deny []

You can try putting in the above config to explicitly allow/deny an IP address/network to ping to the particular PIX interface.

0 Helpful
Customers Also Viewed These Support Documents