Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
550
Views
0
Helpful
1
Replies

The tunnel is UP but cannot ping from end to end

kevinshkong11
Level 1
Level 1

‎04-16-2018 01:32 AM - edited ‎03-12-2019 05:12 AM

Hi ALL,

 

The VPN tunnel is UP and established but still cannot ping from end to end. When using packet tracer in ASDM, it said blocked by ACL. ACL is opened ANY to ANY.

 

Attached are 2 sites configuration

 

Kindly advise

Kevin

Labels:
Preview file
15 KB
Preview file
14 KB
0 Helpful
1 Reply 1

Rob Ingram
VIP
VIP

‎04-16-2018 03:34 AM

Hi,

 

On the JR ASA add the command inspect icmp under the global policy, E.g:

 

policy-map global_policy
 class inspection_default

 inspect icmp

 

This is already enabled on the other ASA. If that doesn't work can you upload the output of the packet trace.

0 Helpful
Customers Also Viewed These Support Documents