Traceroute Through PIX

Unanswered Question
Jul 2nd, 2007

I have a PIX with PIXOS 7.1.

I issue a traceroute from the inside host to an outside host and find that all hops behind the pix can not be seen.

There is an interface pat between inside and outside.

I have already configured

access-list outside permit icmp any any

access-list inside permit icmp any any

inspect icmp

inspect icmp error

But it doesn't work.

Can anyone give me a clue?

Thanks very much.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
srue Mon, 07/02/2007 - 07:42

try adding the following specific entries:

access-list outside permit icmp any any unreachable

access-list outside permit icmp any any time-exceeded

access-list outside permit icmp any any echo-reply

this assumes 'outside' is the acl applied to the outside interface.

Actions

This Discussion