ASA Configuration

ismail-alami · May 2016

Hey ,I Simple small Maquette to do Actuallys the LAN it's pinging to ASA but I can't ping to the Outside Interface ASA
I have tride a lot of methods and ACLs and nothing works

(Switch)>>>>(ASA)>>>>>>>>>>(Router)
= =
= =
= =
(LAN) (Web Server)

ismail-alami · May 2016

The Web Server it's connected to the Router

OctalDump · May 2016

Can router ping outside of ASA?

ismail-alami · May 2016

Hi
If you mean if the router can ping in the LAN ,some how passing thought the ASA no

Simrid · May 2016

ICMP is blocked by default for ASA's. There's two ways round this, you can create an access list allowing for icmp and icmp echo through the firewall, applying it to the correct access group. The other way round this is adding icmp to the inspection list on ASA.

I believe it is best practice to do this via an ACL.

Although this link is for PIX firewalls, the theory seems to be the same:

ASA/PIX/FWSM: Handling ICMP Pings and Traceroute - Cisco

ismail-alami · May 2016

Hi,
I tried the cmd in this document ASA/PIX/FWSM: Handling ICMP Pings and Traceroute - Cisco
And No Result
i tried a small Lab
PC---SWITCH---ASA----SWITCH---PC
the configuration in the ASA

interface GigabitEthernet0 nameif inside
security-level 100
ip address 192.168.10.1 255.255.255.0
!
interface GigabitEthernet1
nameif outside
security-level 0
ip address 192.168.102.1 255.255.255.0
!

That's all ,some friend told me i dont need ACL or NAT
all i want normal Ping form the inside to the outside

ismail-alami · May 2016

Probleme Resolved

ASA Configuration

Comments