Cisco IOS 12.2 - Enabling ICMP echo + echoreply on eth0

Discussion in 'Cisco' started by Yvick Miossec, Feb 4, 2004.

  1. Hello,

    I have configured routers (Cisco 831s) across europe to communicate
    via VPN tunnels with a Cisco 2600 located at main office. Everthing is
    OK but I cannot for the life of me get pings to work within the

    I can ping any outside networks, and the public IPs assigned to any
    router from anywhere, but pings from within a router to a lan
    interface on another router does not work. Debug ICMP shows nothing on
    either source or destination router, which leads me to beleive that
    the ICMP messages are trapped somehow from within the IOS before they
    reach the relevant interface.

    No ACL is configured on the LAN interface since we firewall the entire
    VPN trafic from inside main office.

    The strangest thing is that host from either side of VPN tunnels can
    ping each other. This phenomenon is only from one router to another.

    Is this an implicit Cisco behaviour when no ACL are specified on the
    LAN interface ?

    Thanks for your attention ...

    Yvick Miossec
    IT / iMedia / Paris / France
    Yvick Miossec, Feb 4, 2004
  2. without a config it is hard to say what your problem is, but I think you
    should use an extented ping a give the ping another source
    Helmut Ulrich, Feb 4, 2004
  3. Yvick Miossec

    Hansang Bae Guest

    What does your ACL (for the IPSec) look like? Remember that routers
    will use the closest exit interface as the source for the ICMPs (unless
    you specify different)



    Hansang Bae, Feb 5, 2004
