Pinging ASA Interfaces

Being able to ping the ASA interface should seem like a normal behavior but there’s a little twist here. You cannot ping an interface other than the interface you are behind at. Got a little confused there, eh?

Let’s dig a bit deeper…

In the figure above, you will be able to ping the e1 interface of the ASA from the INSIDE network, e2 interface from the DMZ network and the e0 interface from the Internet. What you won’t be able to do is, ping e2 interface from the INSIDE network, e1 interface from the DMZ network, da da da daaa… you got that, right? And of course the pings are supposed to be originating from the hosts behind the interfaces and not the ASA itself.

This is no big deal but it can save you some troubleshooting time if you’re beating around the bush like me. :-P 

One thought on “Pinging ASA Interfaces

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s