Cisco ASA Allow Internal Pings

A client recently said that when they tried to ping their gateway ( Cisco ASA 5505 ), they ASA would not respond to pings since they had changed their internal IP on the LAN Interface. Upon in inspection of the ASA`s configuration there was no line to allow pings (ICMP traffic) on the internal interface for their subnet. In the command below we allow pings on the internal interface.

icmp permit 192.168.0.0 255.255.255.0 inside

With the command above we tell the ASA to allow pings from the 192.168.0.0 network on the 255.255.255.0 netmask on the internal interface. If we wanted to disallow pings and remove the command from the ASA`s configuration we would use the following command.

No icmp permit 192.168.0.0 255.255.255.0 inside

Once you are happy and have tested that you can now ping the ASA on the internal interface save the configuration.

write mem

Tags: Cisco

Allen White

Allen is a Consultant for ITPS in the North East of England and holds the following accreditations. MCSA, MCSE, MCTS, MCITP, CCA, CCSP, VCP 4,5 and HP ASE, AIS - Network Infrastructure.

Leave a comment

Categories

Vote!

What Web Browser Do You Use?

View Results

Loading ... Loading ...

Vote!

What do you prefer..VMware or Hyper-V?

View Results

Loading ... Loading ...