Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Configuring OSPF

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Configuring OSPF

Not applicable

I am having some fundamental problems configuring OSPF. Here's the simple configuration:

PA interface IP:  x.y.200.94/29

Cisco interface IP: x.y.200.85/29

First problem...

From the PA CLI I can ping the remote Cisco router just fine:

admin@fs> ping source x.y.200.94 host x.y.200.89

PING x.y.200.89 (x.y.200.89) from x.y.200.94 : 56(84) bytes of data.

64 bytes from x.y.200.89: icmp_seq=1 ttl=255 time=9.92 ms

64 bytes from x.y.200.89: icmp_seq=2 ttl=255 time=1.50 ms

And yet from the Cisco router, there is no response. I do not believe I have any policies in place which block ICMP echo packets.

Any ideas?

1 accepted solution

Accepted Solutions

L0 Member

You need to create an Interface Mgmt profile that allows Ping with a permitted IP Addresses of the source.  I used 0.0.0.0/0 to open it up for everything.  You then need to assign the profile to the Interface you want to ping.

View solution in original post

2 REPLIES 2

L0 Member

You need to create an Interface Mgmt profile that allows Ping with a permitted IP Addresses of the source.  I used 0.0.0.0/0 to open it up for everything.  You then need to assign the profile to the Interface you want to ping.

Many thanks! Exactly what the doctor ordered.

So are these management profiles applied after the packet filtering policies? And I am assuming the default is "block" icmp, telnet, ssh, http and https.

Russell

  • 1 accepted solution
  • 3752 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!