I configured a pix 515. users in the lan can ping machine on the internet but cannot load any internet pages. pc on the lan have the right dns server.
please how can i resolv the dns problem ?
no access-list ping_acl permit icmp any any
no access-group ping_acl in interface inside
You do not need this acl to allow ping from the inside interface. Removing this acl will solve your dns problems etc. If you want to ping to the outside you only need to allow the reply in the outside interface acl like so...
access-list acl_out permit icmp any any echo-reply
Please rate if this helps.