Ping the PIX via site-to-site VPN

Hi,

I have set up a site-to-site VPN feature between two networks by connecting two PIXes, PIX515E &PIX506E. they are working fine.

The IP range :

  1. 172.27.29.0 / 24, the internal subnet in PIX506E while
172.27.29.254 is the IP address of the internal interface;

  1. 172.27.2.0 /24, the internal subnet in PIX515E while 172.27.2.254 is the IP address of the internal interface.

I can not ping the interface ( 172.27.29.254 ) while I sit in the network 172.27.2.0/24. Pinging the other hosts of the subnet

172.27.29.0/24 is OK.

How can I configure the PIXes, so that I can ping the interface of the PIX from a dedicated host or all hosts in either site ?

Thank you Benson

Reply to
Benson
Loading thread data ...

In article , Benson wrote: :I have set up a site-to-site VPN feature between two networks by :connecting two PIXes, PIX515E &PIX506E. they are working fine.

:The IP range : :1. 172.27.29.0 / 24, the internal subnet in PIX506E while :172.27.29.254 is : the IP address of the internal interface;

:2. 172.27.2.0 /24, the internal subnet in PIX515E while 172.27.2.254 :is the : IP address of the internal interface.

:I can not ping the interface ( 172.27.29.254 ) while I sit in the :network 172.27.2.0/24.

That's normal. You can usually only ping the "closest" interface to you.

:How can I configure the PIXes, so that I can ping the interface of the :PIX from a dedicated host or all hosts in either site ?

Configure a 'management interface'.

Reply to
Walter Roberson

"management-access inside" command will do the trick

good luck

Reply to
joepena

"management-access inside" command will do the trick

good luck

Reply to
joepena

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.